Qutzl Insights

Advertisement

1 min read

MFA fatigue and how to stop push bombing

Attackers spam approve prompts until someone taps Yes. How number matching and better MFA choices help.

By Michael NarehoodSecurity

Multi-factor authentication still works when it is not a blind “Approve?” button.

What MFA fatigue looks like

An attacker with a stolen password triggers dozens of push notifications. A tired employee finally accepts. The attacker is in.

Better defaults

  • Prefer number matching on Microsoft Authenticator
  • Prefer phishing-resistant options (FIDO2 / passkeys) for admins
  • Limit who can receive push prompts at all

What to tell staff

Never approve a sign-in you did not start. If prompts appear out of nowhere, change the password and tell IT immediately.

Qutzl can help harden Microsoft 365 authentication for your tenant. Contact us.