{"id":2471,"date":"2023-02-08T09:00:53","date_gmt":"2023-02-08T17:00:53","guid":{"rendered":"https:\/\/blogs.ufv.ca\/itservices\/?p=2471"},"modified":"2023-01-27T15:11:17","modified_gmt":"2023-01-27T23:11:17","slug":"updates-to-microsoft-authenticator-application","status":"publish","type":"post","link":"https:\/\/blogs.ufv.ca\/itservices\/2023\/02\/updates-to-microsoft-authenticator-application\/","title":{"rendered":"Updates to Microsoft Authenticator Application"},"content":{"rendered":"<p>On February 20<sup>th<\/sup>, 2023, Microsoft is rolling out two security updates to the Microsoft Authenticator app for mobile devices. These updates will include:<\/p>\n<ul>\n<li><em>Number match experience:<\/em> if you use the <em>push notification<\/em> feature on the Microsoft Authenticator app, after you approve a sign in, you will be asked to type a two-digit code (displayed in the browser) into your Microsoft Authenticator app.<\/li>\n<li><em>Application name<\/em>: the Microsoft Authenticator app will display the name of the application that is requesting the sign in, providing you with additional context.<\/li>\n<\/ul>\n<p><strong>Who is impacted?<br \/>\n<\/strong>Those who use the <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/mobile-authenticator-app\">Microsoft Authenticator app<\/a> for two-factor authentication.<\/p>\n<p><strong>What do I need to do?<br \/>\n<\/strong>We recommend ensuring you have <a href=\"https:\/\/www.microsoft.com\/en-ca\/p\/microsoft-authenticator\/9nblgggzmcj6\">the latest version<\/a> of the Microsoft Authenticator app.\u00a0The change will happen automatically, so you don\u2019t need to do anything else.<\/p>\n<p><strong>Why is this changing?<br \/>\n<\/strong>With increasing adoption of strong authentication, multi-factor authentication (MFA) fatigue attacks (also called \u201cMFA spamming\u201d) have become more prevalent. These attacks rely on users approving a simple push notification that doesn\u2019t require you to have context of what you are signing into.<\/p>\n<p>Microsoft&#8217;s implementation of number matching prevents the accidental approval of push notifications by requiring you to type a two-digit code from the login screen into your Authenticator app. If you did not initiate a sign-in, then you won\u2019t know the two-digit code to enter, and thereby cannot approve a sign in push notification that may be unsafe.<\/p>\n<p><strong>Still have questions?<br \/>\n<\/strong>For more information about the Microsoft Authenticator app, see <a href=\"https:\/\/itservicedesk.ufv.ca\/TDClient\/52\/ITServicesPortal\/KB\/ArticleDet?ID=3330\">the Knowledgebase<\/a>.<\/p>\n<p>If you have problems signing into your account, please <a href=\"https:\/\/itservicedesk.ufv.ca\/TDClient\/52\/ITServicesPortal\/Requests\/ServiceDet?ID=451\">contact the IT Service Desk<\/a>.<\/p>\n<p>If you have other questions about Cybersecurity, please contact <a href=\"mailto:cybersecurity@ufv.ca\">cybersecurity@ufv.ca<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On February 20th, 2023, Microsoft is rolling out two security updates to the Microsoft Authenticator app for mobile devices. These updates will include: Number match experience: if you use the push notification feature on the Microsoft Authenticator app, after you approve a sign in, you will be asked to type a two-digit code (displayed in [&hellip;]<\/p>\n","protected":false},"author":242,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[1],"tags":[],"class_list":["post-2471","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6AzwP-DR","_links":{"self":[{"href":"https:\/\/blogs.ufv.ca\/itservices\/wp-json\/wp\/v2\/posts\/2471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.ufv.ca\/itservices\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.ufv.ca\/itservices\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.ufv.ca\/itservices\/wp-json\/wp\/v2\/users\/242"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.ufv.ca\/itservices\/wp-json\/wp\/v2\/comments?post=2471"}],"version-history":[{"count":1,"href":"https:\/\/blogs.ufv.ca\/itservices\/wp-json\/wp\/v2\/posts\/2471\/revisions"}],"predecessor-version":[{"id":2472,"href":"https:\/\/blogs.ufv.ca\/itservices\/wp-json\/wp\/v2\/posts\/2471\/revisions\/2472"}],"wp:attachment":[{"href":"https:\/\/blogs.ufv.ca\/itservices\/wp-json\/wp\/v2\/media?parent=2471"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.ufv.ca\/itservices\/wp-json\/wp\/v2\/categories?post=2471"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.ufv.ca\/itservices\/wp-json\/wp\/v2\/tags?post=2471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}