Enable number matching for better security in Microsoft MFA
November 16, 2022
Those of us who manage IT security know that even MFA authentication methods can be hacked. As a result, the quest continues to find a more perfect solution for handling MFA authentication requests, and 2FA apps have become (in some instances) a preferred approach over traditional SMS codes. Microsoft has featured a tap-to-confirm functionality in the Microsoft Authenticator app for some time now, but one of the problems was that there was no way for a user to determine whether an MFA prompt was from their own login attempt or a malicious one. Thankfully, Microsoft has a new feature called number matching to address this issue. Microsoft plans to eventually switch this feature on as the default behavior for the Authenticator app, but you can manually turn this on yourself to take advantage of this feature today: