Coming Feb. 27 – Azure MFA Microsoft Authenticator Updates

Dear Bobcat,

Starting February 27, you'll be asked to complete an extra step when using the Microsoft Authenticator app with Azure Multi-Factor Authentication (MFA). Microsoft is launching this update to comply with new MFA guidelines from the U.S. Cybersecurity Agency that protect your account against hackers.

After February 27, the next time you're prompted to authenticate, you'll see a number on your device’s screen. Then, you'll enter this number on your phone's Microsoft Authenticator app to authenticate.

[Screenshots]

Making your account safer

Authenticating this way prevents a new form of hacking called MFA fatigue attacks. These attacks are growing in popularity and Microsoft recorded 40,000 in a single month. In an MFA fatigue attack, a hacker steals your password in a phishing attempt and sends repeated MFA push notications to your phone, hoping you'll accidentally approve them (and let the hacker access your data!). Number matching protects you from accidentally accepting an authentication request that you didn't initiate. Learn about the number matching update Note: This update only applies to the Microsoft Authenticator app on your smartphone. If you use a phone call or text message (SMS) to authenticate, this update does not impact you. No action is required - Microsoft is applying this update to all accounts by default on February 27.

For a quicker authentication experience, you can: Select Remember me for 90 days at any OHIO log-in screen Disable app lock so you can open the Microsoft Authenticator app without entering your phone's passcode. The Oce of Information Technology (OIT) is here to help with any questions about this update. View Using the Microsoft Authenticator App with Azure MFA for more information or visit help.ohio.edu, where you can submit a ticket or contact the IT Service Desk. Thank you for keeping your information secure!