Number matching is a key security upgrade to traditional multi-factor authentication (MFA) notifications in Microsoft Authenticator.
Microsoft
At Bondgate IT we recommend that everyone uses multi-factor authentication (MFA) to protect your online accounts from evil hackers.
Why is multi-factor authentication important?
Because passwords are not enough to keep your accounts secure. Hackers can use a variety of techniques to crack passwords or steal them, such as phishing attacks or data breaches. Once they have your password, they can access your account and do all sorts of damage, such as stealing your data, sending spam or malware, or even locking you out of your own account.
With multi-factor authentication, even if a hacker manages to steal your password, they won’t be able to access your account without the additional factor, such as your phone or your fingerprint. This extra layer of security can make all the difference in keeping your accounts safe.
Does MFA work 100% of the time?
MFA used to be an effortless process. Log in, click accept in the authenticator application and start work. Hackers quickly smartened up to this and invented new ways of getting around MFA using social engineering attacks.
In the world of cybersecurity, MFA fatigue attacks are a growing concern. These attacks involve a threat actor using stolen login credentials to repeatedly attempt to log in to an account, triggering a seemingly endless barrage of MFA push notifications to the account owner’s mobile device.
The aim of these attacks is to keep the pressure on the target 24/7, causing them to become frustrated with the constant stream of MFA prompts and potentially letting their guard down, leading to a security breach.
What is changing with MFA?
Microsoft has announced a new security feature called ‘number matching‘ which will be added to the Microsoft Authenticator app starting February 22, 2023. If you currently use this app for your multi-factor authentication (MFA), you will notice this change.
After the introduction of number matching, when using the Microsoft Authenticator app, you will be shown an additional number on your Single Sign-On (SSO) login screen. This additional number will provide an extra layer of security to help protect your data and personal information.
If you do not have the option to input the numbers into your Microsoft Authenticator app when requested, it may be that you need to upgrade your Authenticator app to the latest version.
See below:
Does this mean I am fully protected?
Unfortunately, no. Cyber criminals are always looking for new opportunities and ways into businesses. MFA is one of what should be a multi-layered approach to security.
Do you and your team need assistance to get ready for this change? Speak to us today to see how the team at Bondgate IT can help you.