Authentication Method - Microsoft Authenticator - Included users/groups of number matching for push notifications

Why This Matters

Number matching in Microsoft Authenticator push notifications helps prevent MFA fatigue attacks by requiring users to match a number displayed on their sign-in screen instead of simply approving a generic notification. If number matching is not enabled for all users, attackers who have compromised credentials can continuously push notifications until the user accidentally approves, bypassing multi-factor authentication. Enforcing this feature for all users significantly reduces the risk of successful credential phishing and MFA bypass attacks.

What Aether365 Checks

Aether365 verifies that the number matching required state in Microsoft Authenticator is configured to include all users as the target group. This check appears in your Aether365 dashboard under the entra-id checks category (EIDSCA.AM04).
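The same condition can be evaluated offline against an exported Microsoft Authenticator authentication method configuration. This is an added example, not Aether365's own code. It assumes the export has the shape of the Microsoft Graph Microsoft Authenticator configuration resource (featureSettings, numberMatchingRequiredState, includeTarget); the sample data, the function name and the placeholder group GUID are constructed for illustration.

```python
import copy
import json

# Constructed sample: Microsoft Authenticator method configuration as exported
# from Microsoft Graph, with number matching targeted at all users.
SAMPLE_ALL_USERS = json.loads("""
{
  "id": "MicrosoftAuthenticator",
  "state": "enabled",
  "featureSettings": {
    "numberMatchingRequiredState": {
      "state": "enabled",
      "includeTarget": {"targetType": "group", "id": "all_users"}
    }
  }
}
""")

# Constructed failing sample: same policy, scoped to one pilot group
# (placeholder GUID, not a real object id).
SAMPLE_GROUP_SCOPED = copy.deepcopy(SAMPLE_ALL_USERS)
SAMPLE_GROUP_SCOPED["featureSettings"]["numberMatchingRequiredState"][
    "includeTarget"]["id"] = "11111111-2222-3333-4444-555555555555"


def check_number_matching_target(config):
    """Return (passed, detail) for the included users/groups of number matching."""
    feature = (config.get("featureSettings") or {}).get("numberMatchingRequiredState")
    if not isinstance(feature, dict):
        return False, "numberMatchingRequiredState is absent from featureSettings"
    target = feature.get("includeTarget") or {}
    target_id = target.get("id")
    if target_id is None:
        return False, "includeTarget has no id"
    if target_id != "all_users":
        kind = target.get("targetType", "unknown")
        return False, f"number matching is scoped to {kind} {target_id}, not all_users"
    # The state value is reported for context only; pass/fail follows the target.
    return True, f"includeTarget is all_users (state: {feature.get('state', 'unset')})"


if __name__ == "__main__":
    for name, cfg in [("all users", SAMPLE_ALL_USERS), ("pilot group", SAMPLE_GROUP_SCOPED)]:
        passed, detail = check_number_matching_target(cfg)
        print(f"{name}: {'PASS' if passed else 'FAIL'} - {detail}")
```

A configuration that is scoped to a pilot group fails even when the feature state is enabled, because users outside that group can still receive plain approve/deny prompts.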

Microsoft references
