While you were sleeping…
MFA Fatigue
No, it’s not the 1995 romcom about miscommunications and star-crossed lovers.
It’s the reality that can happen while you are sleeping or simply just sleepy.
Have you ever felt frustrated by the flood of notifications from your multi-factor authentication (MFA) app? Especially when you’re just about to fall asleep? Or have you ever been woken by an MFA notification–time and time again? Have you ever just hit “Approve” to make the notifications go away? Or have you ever been so tired that you aren’t aware that you’re tapping “Approve”? This is called “MFA Fatigue.”
Guess who loves MFA Fatigue…cybercriminals! They love it because they can take advantage of it to gain access to your sensitive business data.
MFA is essential for keeping your data secure, and it protects 99.9% of the time. That 0.1% it doesn’t can be due to MFA Fatigue. MFA adds that extra layer of protection to your apps and accounts by asking you to verify your identity in two or more ways, as with a password or a code sent to your phone.
The constant alerts can be overwhelming–exhausting, in fact.
Cybercriminals know this and will use it to their advantage by bombarding you or your employees–sometimes, in the middle of the night–with a constant stream of MFA notifications. This makes it more likely that someone will authenticate a login attempt through frustration, tiredness, or just to get the notifications to stop.
Thankfully, there is now a new weapon in the fight against MFA Fatigue.
Number Matching
Microsoft Authenticator has introduced number matching as a way of making sure your MFA notification is from the correct login attempt, preventing cybercriminals from taking advantage of notification fatigue.
How does number matching work?
When you receive an MFA notification, the app will display a randomly generated number. You then need to input this number to authenticate the login attempt and prove you’re not a cybercriminal trying to access your business data.
Biometric Authentication
And that’s not all. Microsoft Authenticator also allows for biometric authentication, which means you can use your face, fingerprint, or other unique physical features to prove your identity and combat the threat of MFA Fatigue Attacks.
With these security measures in place, your business can stay ahead of cybercriminals and keep your sensitive data better protected.
We can help!
If you already use Microsoft Authenticator, number matching is ready to use. Simply make sure your app is up-to-date, and you’ll be protected. If you use another MFA system and want to look at how to make your security better or easier, just get in touch; we can help.
Published with permission from Your Tech Updates.