Skip to page content
Client Hub Tel 01892 830111

Microsoft Authenticator: It is all about the numbers

By Jig Mehta, Digital Marketing Specialist | Published 14 Feb 2023

Microsoft Authentication is having a slight update from 27 February. Microsoft will be implementing a number matching system. This will change how you use this security feature and it will impact those using the Apple Watch.

What is the number matching system?

When you login to your system using Multi-Factor Authentication via the Microsoft Authenticator app, you are asked to enter a 6-digit number that the authenticator application provides, or you are sent an SMS message with a code to then approve the login. The number matching system simply works in the other direction. So when you login you will be provided a number on your PC that you then enter into the Authenticator application, approving the login.

Why the change?

The main problem with the current system is to do with the sending of a message to approve the login. The bad guys could bombard the target with multiple notifications in the hope that you will accidently approve the MFA notification. Known as an MFA fatigue attack!

Number matching requires the user to enter a number into the app to approve the login, and as you won’t know the number required until you’re signing in, you can’t approve the login. Number matching is still susceptible to social-engineering, where the user is tricked into entering the number because they believe that they are communicating with someone from their IT team. Just to note we would never ask to login into your account on our device, so if someone does contact you asking you to enter a number into the Authenticator app tell them to take a hike, and contact us.

Is this going to make it harder?

Unfortunately, the simple truth is… Yes!

In the continual drive to beat the criminals and hackers of the world, security keeps getting more and more complex and for the lowly user it just makes our login process that bit harder.

Plus…. if you are using a wearable device such as the Apple Watch to approve the login, I have sad news for you. 😥 It will no longer work. This is purely because the screen size won’t be large enough to enter the numbers into the application. Therefore, if you have Microsoft Authenticator on your Watch, delete it now, and set it up on a mobile device.

A new hope

Microsoft, Google AND Apple have all agreed to make passwords a thing of the past. They are now collaborating on making the FIDO (Fast Identity Online) standard work for the mainstream.

FIDO works by turning a local device such as your phone into the means to login into an account, because unlike passwords, which criminals can enter from a distance, your device is unlikely to end up in their hands.

But there is still lots of work to be done, so stay tuned.

Share this post
Case Studies

Success Stories

From laying the IT foundations, to cloud migration, Microsoft 365 adoption and Wi-Fi optimisation for AC Goatham's

Read More

Taking Locate in Kent to the next level by migrating to the cloud and implementing Microsoft 365

Read More

Our Professional Services Team consolidated RH Group's server room making them more streamlined and efficient

Read More

Accreditations

Partner Accreditations and Certifications

Cyber Essentials HP Business Partner Veeam SMB Hot 101 Channel Futures 2021 Channel Futures datto Silver Global Partner Program WatchGuard ID Agent ISO 27001 ISO 9001 Microsoft Partner
Contact Us