Suspicious Microsoft Authenticator requests don't trigger notifications anymore
Microsoft Authenticator will suppress suspicious authentication prompts to protect users against social engineering attacks. Microsoft has now enabled the security feature, which it unveiled back in August 2023.
Microsoft Authenticator is a two-factor authentication app by Microsoft. It generates temporary codes for accounts added to the application, which are required to sign in to services protected by the second security layer.
The application displays a notification on the device it is installed on if a new sign-in is recognized. Users may then interact with the notification to quickly approve or decline the sign-in. Usually, this involves selecting the right number that is displayed on the original sign-in page and in Authenticator.
Login requests that are considered suspicious won't trigger the notifications anymore. In the past, threat actors would bombard users with notification requests in the hope that users would eventually approve a sign-in to get rid of the notifications. For this, it was necessary to have the correct username and password of the account.
Requests that have potential risks will be suppressed now by Microsoft Authenticator. Factors such as the location of the request or anomalies play a role in the assessment.
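The prompt-bombing pattern described above can also be looked for on the defender's side. The following added example (not from Microsoft or the original article) scans constructed sign-in events for bursts of unapproved prompts that end in an approval; the event schema, threshold and window are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events. Hypothetical schema: (time, user, prompt outcome).
EVENTS = [
    ("2023-11-06T09:00:05", "alice", "approved"),
    ("2023-11-06T23:01:00", "bob", "denied"),
    ("2023-11-06T23:01:40", "bob", "timeout"),
    ("2023-11-06T23:02:10", "bob", "timeout"),
    ("2023-11-06T23:02:55", "bob", "denied"),
    ("2023-11-06T23:03:30", "bob", "timeout"),
    ("2023-11-06T23:04:05", "bob", "approved"),
    ("2023-11-07T08:15:00", "carol", "denied"),
    ("2023-11-07T12:40:00", "carol", "approved"),
]

def find_push_bursts(events, threshold=5, window=timedelta(minutes=10)):
    """Return {user: {"prompts": n, "approved_after_burst": bool}} for users
    who received at least `threshold` unapproved prompts inside `window`."""
    recent = defaultdict(deque)  # user -> times of unapproved prompts in window
    alerts = {}
    for ts, user, outcome in sorted(events):  # ISO timestamps sort by time
        now = datetime.fromisoformat(ts)
        q = recent[user]
        while q and now - q[0] > window:
            q.popleft()  # expire prompts older than the window
        if outcome == "approved":
            # An approval while a full burst is still in the window is the
            # outcome the attacker is hoping for: escalate it.
            if len(q) >= threshold:
                alerts[user]["approved_after_burst"] = True
            q.clear()
            continue
        q.append(now)
        if len(q) >= threshold:
            alert = alerts.setdefault(
                user, {"prompts": 0, "approved_after_burst": False})
            alert["prompts"] = max(alert["prompts"], len(q))
    return alerts

if __name__ == "__main__":
    for user, info in find_push_bursts(EVENTS).items():
        print(user, info)
```

An alert with `approved_after_burst` set is the case worth investigating first, since it suggests the user gave in to the prompts.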
While suspicious requests won't trigger notifications anymore, they continue to be listed in the Microsoft Authenticator app. Users who open the application will see the request there. The prompt displays the name of the account, the application or service, and also the location. A map is also displayed to better highlight the location in the world.
Microsoft Authenticator users may type the number manually to allow it, or select "no, it's not me" instead to block it.
Since there is a chance that legitimate requests are classified as suspicious, it is important that these requests continue to be displayed in the app.
Microsoft explains: "It’s important to note that the notifications are not deleted. They’re simply suppressed and can still be accessed by the user within the Authenticator App. If a user encounters a genuine request from an unusual source, they can retrieve the notification by accessing their authenticator app. The app serves as a repository for all authenticator notifications, ensuring users have a convenient way to retrieve any missed requests".
Microsoft Authenticator is not the only app for this purpose. You can check out our list of best authenticator apps for Android and iOS. Android users may take a closer look at my favorite app, Aegis Authenticator.
The new protective system blocks notifications of suspicious authentication requests now. This should reduce the number of unintentional confirmations by users of Microsoft Authenticator.
Now You: which authenticator app do you use, if any?