Authentication Method - Microsoft Authenticator - Show application name in push and passwordless notifications

Why This Matters

When users receive push or passwordless notifications from Microsoft Authenticator, seeing the application name helps them quickly verify the legitimacy of the request. Without this context, users may accidentally approve a malicious sign-in attempt, increasing the risk of account compromise. Enabling this setting improves user awareness and reduces the likelihood of social engineering attacks targeting authentication approvals.

What Aether365 Checks

Aether365 verifies that the Microsoft Authenticator configuration requires application names to be displayed in push and passwordless notifications. This check is displayed in your Aether365 dashboard under the entra-id security category.

Microsoft references

• Microsoftauthenticatorauthenticationmethodconfiguration
• [Graph explorer](https://developer.microsoft.com/en-us/graph/graph-explorer?request=policies/authenticationMethodsPolicy/authenticationMethodConfigurations()