Ensure Microsoft Authenticator is configured to protect against MFA fatigue
Why This Matters
MFA fatigue attacks exploit user desensitization to repeated approval prompts, tricking users into granting unauthorized access. By enabling number matching and contextual details like app name and location, you ensure that each push notification requires active verification, significantly reducing the risk of credential theft from social engineering.
What Aether365 Checks
Aether365 verifies that Microsoft Authenticator push notifications are configured with number matching enabled, and that application name and geographic location details are displayed. This check appears in your Aether365 dashboard under the identity security section for Microsoft Entra ID.