Microsoft has introduced a new protective feature in the Authenticator app to block notifications that appear suspicious based on specific checks performed during the account login stage.
Microsoft Authenticator is an app that provides multi-factor authentication, password auto-fill, and password-less sign-in to Microsoft accounts.
When a user tries to log into an account protected by multi-factor authentication (MFA), the Authenticator app sends a push notification to the user’s device to grant or deny access.
Alternatively, the app generates a temporary access code for users to manually log into their account.
Hackers are known to exploit the push notification feature by performing a large number of login attempts for the target account, often at inconvenient times, hoping to frustrate or tire the recipients.
If the worn-down user approves a request, the attacker gains access to the account and may alter the login protection settings to lock the legitimate user out.
For additional security, Microsoft introduced “number matching” in May, a mechanism where the user must enter a number displayed on the sign-in screen into their Authenticator app to approve the login.
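The notification flooding described above leaves a recognizable trace in sign-in telemetry: a burst of denied or ignored pushes for one account, sometimes ending in an approval. The following is an added detection sketch, not code from Microsoft or from the original article; the event fields, the 10-minute window and the threshold of 5 are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real logs): (ISO timestamp, user, push result).
SAMPLE_EVENTS = [
    ("2023-01-10T02:00:05", "alice", "denied"),
    ("2023-01-10T02:00:40", "alice", "timeout"),
    ("2023-01-10T02:01:10", "alice", "denied"),
    ("2023-01-10T02:01:55", "alice", "timeout"),
    ("2023-01-10T02:02:30", "alice", "denied"),
    ("2023-01-10T02:03:02", "alice", "approved"),   # approval right after the burst
    ("2023-01-10T09:00:00", "bob", "approved"),     # normal sign-in
    ("2023-01-10T09:30:00", "carol", "denied"),     # single mis-tap, hours before approval
    ("2023-01-10T13:00:00", "carol", "approved"),
]

def detect_push_fatigue(events, window=timedelta(minutes=10), threshold=5):
    """Flag users who get >= threshold unapproved pushes inside `window`.

    Severity is "medium" for the burst itself and "high" when an approval
    arrives while the burst is still inside the window (the worn-down-user case).
    Window and threshold are assumed values; tune them to your own baseline.
    """
    recent = defaultdict(deque)  # user -> timestamps of recent unapproved pushes
    alerts = []
    for ts_raw, user, result in sorted(events):  # ISO strings sort chronologically
        ts = datetime.fromisoformat(ts_raw)
        q = recent[user]
        while q and ts - q[0] > window:          # drop pushes older than the window
            q.popleft()
        if result == "approved":
            if len(q) >= threshold:
                alerts.append((user, ts_raw, "high", len(q)))
            q.clear()                            # a new session starts a new count
        else:
            q.append(ts)
            if len(q) == threshold:              # alert once per burst, not per push
                alerts.append((user, ts_raw, "medium", len(q)))
    return alerts

if __name__ == "__main__":
    for alert in detect_push_fatigue(SAMPLE_EVENTS):
        print(alert)
```

A "high" alert is the case worth immediate follow-up, since the next step described above is the attacker changing the account's login protection settings.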