MFA Number Matching

Jun 13, 2023

Microsoft MFA now includes “number matching” to combat MFA fatique!

“Number Matching” or “OTP (One-Time Password) Code Matching” in Microsoft’s Multi-Factor Authentication (MFA) system can now be configured to require users to enter the number displayed on the logon page into their Microsoft Authenticator app. Here is why you should consider turning this feature on:

MFA fatigue reduction:

By simplifying the MFA process to only requiring users to enter a specific number, Microsoft’s number matching reduces cognitive load and fatigue associated with complex MFA challenges, improving user adoption and compliance.

Phishing attack prevention:

Number matching ensures users are interacting with a legitimate authentication process, reducing the risk of falling victim to phishing attacks where attackers trick users into entering credentials on fake websites.

Increased account security:

By verifying the number displayed on the logon page, users add an extra layer of protection against account takeover, even if the attacker possesses correct login credentials.

Defense against credential stuffing attacks:

Number matching makes it more challenging for automated tools used in credential stuffing attacks to complete the authentication process, enhancing security against such attacks.

 

By incorporating number matching as part of Microsoft’s MFA, organizations can enhance security, reduce MFA fatigue, and provide a streamlined authentication experience for users within the Microsoft ecosystem.

Purple Matrix can help minimise your cyber exposure – talk to us today!

 

Purple Matrix is a Microsoft Gold Partner with 22 years of experience in cyber security and cloud technologies.
If your organisation would benefit from working with an out-of-the-box thinking IT company then get in touch!