Using the Microsoft Authenticator App with Azure MFA

Description

Starting February 27, when using the Microsoft Authenticator app with Azure MFA, you’ll be prompted to enter a number shown on your screen to complete your login. This article shows you what this number-matching process looks like.

Environment

Smartphone with the Microsoft Authenticator app installed, computer

About

Microsoft is launching the number-matching update to comply with new MFA regulations from the U.S. Cybersecurity Agency that protect your account from hackers. These regulations prevent a new form of hacking called MFA fatigue attacks. During an MFA fatigue attack, a hacker steals your password in a phishing attempt and then spams you with MFA push notifications, hoping that you’ll approve one and let them access your data. Authenticating through number-matching prevents this type of attack, because approving a request requires the number shown on the screen where the log-in was started, which you will not have for a log-in you did not start.

Note: This update impacts anyone who uses the Microsoft Authenticator app to authenticate. It is not possible to opt out of number matching when using the app. However, if you use a phone call or text message (SMS) to authenticate, you will not be impacted by this update.

Procedure

  • After February 27, 2023, navigate to any online application requiring your OHIO log-in (e.g., Catmail, Blackboard).

  • Enter your OHIO email address and password.

  • You will receive a push notification on your phone from the Microsoft Authenticator app.

    • You may not receive a notification if you have selected Remember me for 90 days. You can open a private/incognito window on your web browser to see the new authentication experience.

  • Select the push notification on your phone.

  • You will then see a number on your device’s screen.

Microsoft Authenticator app showing a number on the screen.

  • Enter this number in the Authenticator app and select Yes.

Microsoft Authenticator app with a field to enter a number. Buttons "No, it's not me" and "yes" appear below the number field.

Outcome: You have successfully authenticated your log-in via number matching on the Microsoft Authenticator app. 

Note:

  • You can still select Remember me for 90 days at any online OHIO log-in screen. 

  • Apple Watch is no longer compatible with the Authenticator app due to this security update.

  • When you connect to campus VPN, you will receive a push notification instead of being prompted to number-match.

Tip: Do not accept any authentication requests that you do not recognize. You can view your account's log-in history by opening the Microsoft Authenticator app and selecting Review Recent Activity. You can also navigate to myaccount.microsoft.com and select My sign-ins. If you do not recognize the log-in device or location, you should reset your password immediately.
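Administrators can automate the same kind of review. The following is an added example, not part of the original article: it scans MFA prompt records for the fatigue pattern described under About, a burst of push prompts to one account in a short window, and marks bursts that include an approval. The record format, the names WINDOW, THRESHOLD, parse and find_push_bursts, and the chosen values are assumptions, not Azure's sign-in log schema.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed burst window
THRESHOLD = 5                   # assumed: prompts within WINDOW that count as a burst

# Constructed sample records: time, user, result of the MFA push prompt.
SAMPLE_LOG = """\
2023-03-01T09:00:05 alice approved
2023-03-01T02:10:00 bob denied
2023-03-01T02:10:40 bob timeout
2023-03-01T02:11:15 bob denied
2023-03-01T02:12:02 bob timeout
2023-03-01T02:12:50 bob denied
2023-03-01T02:13:30 bob approved
2023-03-01T14:00:00 carol denied
2023-03-01T18:30:00 carol approved
"""

def parse(log):
    """Yield (timestamp, user, result) from whitespace-separated lines."""
    for line in log.splitlines():
        if line.strip():
            ts, user, result = line.split()
            yield datetime.fromisoformat(ts), user, result

def find_push_bursts(log, window=WINDOW, threshold=THRESHOLD):
    """Return one finding per user whose prompts reach `threshold` within `window`."""
    by_user = defaultdict(list)
    for ts, user, result in parse(log):
        by_user[user].append((ts, result))
    findings = []
    for user, events in sorted(by_user.items()):
        events.sort()
        start, peak, approved = 0, 0, False
        for end, (ts, result) in enumerate(events):
            while ts - events[start][0] > window:
                start += 1  # slide the window forward
            burst = events[start:end + 1]
            rejected = sum(1 for _, r in burst if r != "approved")
            # Mostly rejected prompts: a run of normal approvals is not a burst.
            if len(burst) >= threshold and rejected >= threshold - 1:
                peak = max(peak, len(burst))
                # An approval inside a burst is the case to act on first.
                approved = approved or result == "approved"
        if peak:
            findings.append({"user": user, "prompts": peak,
                             "approved_after_burst": approved})
    return findings
```

Calling find_push_bursts(SAMPLE_LOG) reports only the account that received six prompts in under four minutes and approved the last one.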

Additional Resources:

Get help from OIT


Details

Article ID: 550
Created: Tue 1/17/23 7:18 PM
Modified: Mon 3/27/23 4:32 PM