Security News > 2023 > November > Microsoft Authenticator suppresses suspicious MFA notifications
Microsoft has quietly rolled out a new mechanism that shields users of its mobile Authenticator app from suspicious push notifications triggered by attackers.
In early May, Microsoft added the number matching feature for Microsoft Authenticator push notifications to boost account security and stymie attackers relying on multi-factor authentication fatigue.
"In response to this, we took additional steps to keep users happy and secure by suppressing Authenticator pop-up notifications when a request is anomalous," he explained.
Microsoft Authenticator identifies and holds back suspicious notifications.
Added in late September, this new mechanism prevents prompts for anomalous and potentially suspicious Authenticator notifications - e.g., notifications triggered by requests originating from an unfamiliar location - from being displayed on the user's phone screen.
"It's important to note that the notifications are not deleted. They're simply suppressed and can still be accessed by the user within the Authenticator App. If a user encounters a genuine request from an unusual source, they can retrieve the notification by accessing their authenticator app," Weinert pointed out.
News URL
https://www.helpnetsecurity.com/2023/11/08/microsoft-authenticator-suspicious-notifications/