Microsoft has bolstered the security of its Authenticator app by introducing a protective feature that automatically blocks potentially suspicious multi-factor authentication (MFA) alerts. This move comes as hackers have been exploiting MFA push notifications by inundating users with login attempts at inconvenient times, often leading to compromised accounts.
Furthermore, the Authenticator app now analyzes login attempts and checks for unusual activity, unfamiliar locations, and other indicators of possible hacking attempts. If such indicators are detected, the notification is blocked, and users are prompted to manually enter a code for verification, enhancing security and mitigating the risk of account breaches.
In addition to blocking suspicious notifications, Microsoft had previously introduced “number matching” to improve MFA fatigue attacks, requiring users to enter a number displayed on the sign-in screen into the Authenticator app to approve login attempts. While this measure was successful in reducing the effectiveness of such attacks, it did not prevent the generation of annoying notifications. With the new feature, Microsoft further scrutinizes login details and implements this added layer of defense.
Although these security improvements are a significant step forward in safeguarding users, login notifications are still generated and accessible within the Authenticator app if users need to review them. Since the release of this feature in late September, Microsoft has successfully blocked more than six million MFA notifications suspected of being initiated by hackers. This enhancement offers users greater protection against unauthorized access attempts and reinforces Microsoft’s commitment to improving online security.