San Francisco, October 29: Microsoft has released a new feature for its multi-factor authentication (MFA) program, Microsoft Authenticator, to prevent spam attacks.
According to ZDNet, the company has implemented “number matching” in push notifications, which will help prevent MFA attacks that rely on push notification spam. Microsoft layoffs: The tech giant is laying off about 1,000 employees across various divisions.
When “number matching” is enabled, the Authenticator app prompts the user to enter the number shown on the login screen, rather than simply selecting “approve” when approving the MFA request. This will be a useful feature for administrators whose users were unprepared for an MFA attack.
For now, this feature is available to administrators, but in February 2023, the company wants to make “number matching” standard for all Authenticator users. Microsoft to set up India’s largest data center with an investment of Rs 15,000 crore.
To avoid unintended approvals, administrators can also configure Authenticator to use the application context and the location context. Once the new feature becomes the default Authenticator app, admin deployment controls will be removed.
Earlier this year, researchers discovered so-called “MFA fatigue attacks” targeting Office 365 users. In these attacks, attackers repeatedly trigger MFA push notifications while trying to log into a victim’s account using a previously compromised password.
The attacker was counting on the victim to become tired or inattentive enough to mistakenly approve the login attempt, the report said.
(The above story first appeared on LatestLY on 29 Oct 2022 at 16:15 IST. For more news and updates on politics, world, sports, entertainment and lifestyle, visit our website Latestly.com).
https://www.latestly.com/technology/microsoft-introduces-new-security-feature-to-multi-factor-authentication-app-prevents-spam-attacks-4391695.html