On the 27th of February, Multi-Factor Authentication got even stronger.
Authentication refers to the process in which you prove you are exactly who you say you are. This is common with online accounts – the software wants to ensure it’s actually you, and so in most cases, will ask for a username and password. As we all know, passwords can be easily hacked, and accounts can be lost instantly, resulting in major stress and upheaval.
If you didn’t already know, Multi-factor authentication is an essential part of your IT security. This may be an app on your phone, an SMS message, or an automated voice call.
We need multi-factor authentication to keep our accounts secure. By utilising multiple authentication layers, even if one element is breached, the account will remain more secure than if you didn’t have multiple layers in place. Traditional usernames and passwords are easily compromised nowadays, allowing cybercriminals to attack easily.
Here at Integral IT, we’re always banging on about how you need to implement MFA on all your work applications, such as Microsoft 365, Xero and salesforce, as well as your personal applications like social media and shopping channels. MFA is always free; it is one of the easiest ways to improve your cybersecurity drastically.
Cybercriminals don’t give up that easily. They’re always looking for new ways to hack into your work and personal lives. Unfortunately, there is a new way that hackers are taking advantage of, and it is working. This is called MFA fatigue.
The cybercriminals will keep prompting you on your MFA apps until, eventually, you click approve, possibly assuming it is a colleague trying to get access to an application.
This sounds very simplistic, but it has been working. So, MFA in Microsoft 365 is going to get stronger. They’re rolling something out called Multi-Factor Authentication Number Matching.
As of the 27th of February, this has been rolled out to all Microsoft 365 tenants, so you better like it!
So, how is the MFA number matching different?
Well, if you think about the traditional Microsoft Authenticator app, all you would usually get is a ‘Approve’ or ‘Deny’ request. However, with number matching, a number will pop up that you must physically enter into your other device.
This was possible to set up previously to February 27th.
You could do this by going into the Azure active directory and then using the ‘Protect and Secure’ menu, entering the ‘authentication Methods’ option. From there, using the ‘Microsoft authenticator settings’, you can see that within one configure tab, there is an option to enable the number matching feature.
So, what are your thoughts on this new update to MFA? We believe that this truly will help to secure your business. Data and accounts from those pesky cybercriminals