New Microsoft Multifactor Authentication (MFA) Method
At Technical Support International (TSI), we understand the importance of keeping your personal and business data secure. That’s why Microsoft implemented a new Multifactor Authentication (MFA) method to help protect your accounts from unauthenticated access.
What is Multifactor Authentication?
Multifactor Authentication is a security feature that requires you to provide two or more forms of identification before accessing your account. With MFA, even if someone gets hold of your password, they won’t be able to access your account without the additional form of authentication.
This can include:
- a fingerprint scan
- a facial recognition scan, or
- a code sent to your phone or email.
Why Use Multifactor Authentication?
Cybersecurity threats are becoming increasingly sophisticated, and a simple password is no longer enough to keep your account safe. By implementing MFA, you are adding an extra layer of security that significantly reduces the risk of unauthenticated access to your account.
New MFA Authentication Method Coming February 2023
Beginning on 2/27/2023, Microsoft will be changing its MFA authentication method from a “push to approve” to a “number matching” model. All authentication methods must be changed over to the new “number matching” by end of May 2023.
What does this mean?
“Push to approve” and “number matching” are both common methods of Multifactor Authentication (MFA) that provide an extra layer of security beyond just a username and password. However, they differ in terms of the user experience and the level of security they offer.
“Push to approve” involves receiving a notification on your mobile device or computer that prompts you to approve or deny a login attempt. For example, after entering your username and password, you will receive a push notification on your phone asking if you are trying to log in. If you approve the request, you will be granted access to your account. This method is often seen as more user-friendly and convenient than other MFA methods, as it eliminates the need to enter a code or remember additional information.
On the other hand, “number matching” involves generating a unique code that must be entered during the login process. This code is typically generated through a dedicated mobile app or hardware token. Once you have entered your username and password, you will be prompted to enter the code generated by the app or hardware token. This method can be seen as more secure, as it requires physical access to the mobile device or hardware token to generate the code.
While “push to approve” is a more user-friendly method of MFA, “number matching” provides a higher level of security as it requires physical access to a device or token to generate the unique code.
Who does this impact?
These changes will only impact users using Microsoft’s Authenticator Application.
Why is this occurring?
Microsoft is implementing this change in order to address users from blindly approving authentication requests due to what they call, ‘MFA fatigue’.
Although this extra step may appear as a slight inconvenience, it will significantly improve your cybersecurity posture and minimize the chance of accidentally permitting unwanted access to outside threat actors.
How does this directly impact you?
By switching to a “number matching” model, Microsoft believes that this additional precaution will encourage users to verify *which* device is triggering the MFA approval request by requiring the input of a 2-digit approval code that will be generated through the Microsoft Authenticator Application.
How to Enable Multifactor Authentication
Enabling MFA on your Microsoft account is quick and easy.
Simply follow these steps:
1. Go to your Microsoft account security page.
2. Select “More security options.”
3. Under “Two-step verification,” select “Set up two-step verification.”
4. Follow the prompts to set up MFA using your preferred authentication method.
How do you prepare for this change?
To help guide you through these changes, please refer to our instructions below.
TSI’s MFA Number Changing Instructions & Details
When you sign in to an app and are prompted for MFA authentication, a 2-digit number shows on the app that you are logging in to. You must then type this number on your MFA approval device for the approval to succeed.
- Sign in to https://office.com or an O365 App such as email. Log in with your full email address and password. If you’ve recently signed in to O365, you may not be prompted to provide MFA authentication.
- From the app that you’re signing in to, a screen similar to the one below appears.
- On the phone, tap approve sign-in.
For additional instructions, details and information, please visit Microsoft’s MFA page: Use Number Matching for MFA Notifications.
TSI is Here to Help!
Don’t take chances when it comes to the security of your Microsoft account. Enable Multifactor Authentication today and enjoy the peace of mind that comes with knowing your data is safe and secure. We are always here to help and support you, please don’t hesitate to reach out to your Account Manager or our Helpdesk for assistance.