Microsoft has made security updates to the Microsoft Authenticator app for mobile devices. Those who use Microsoft Authenticator for multifactor identification logins, including logins to MyEnroll360, will notice changes when using the app while logging into applications. Changes were implemented to fend off multi-factor authentication (MFA) fatigue attacks.
MFA fatigue attacks occur when cybercriminals flood targets with mobile push notifications asking them to approve attempts to log into their accounts using stolen credentials. Often targets succumb to the repeated MFA attacks allowing unauthorized access.
Microsoft implemented the following two updates:
These updates have been automatically applied to prevent MFA fatigue attempts.