Passwords alone are no longer enough to protect sensitive information from being compromised. This is where Multi-Factor authentication (MFA) comes in. MFA requires users to provide multiple forms of identification when accessing Southern Miss online applications or campus VPN services.
When using the Microsoft Authenticator App, users were shown a prompt with a Deny/Approve button. Selecting "approve" would authenticate the user and complete the connection.
A form of cyber-attack known as "MFA Fatigue" has become more common. A user whose password has been compromised will see repeated push notifications to annoy the user into hitting "approve" - thereby giving the attacker the access they desired.
Microsoft is adding "number-matching" to comply with new MFA regulations from the U.S. Cybersecurity Agency. The number matching feature ensures that only the user who initiated the login request and has physical possession of the smart device is allowed access.