Teams Real Simple with Pictures: Adding Number Matching and Context to Authenticator Notifications via Azure Active Directory

Its Sunday night. 9pm. I am teaching Microsoft 365 Fundamentals the next few days. I am speaking at Build the week after. So you know the score. Yes - that's right it's Jack Bauer time all over again. And so this week I'm gonna change tack (yet again) and return to talking about Azure AD: this time about authenticator notifications and lighting up two preview functionalities. The first is Number Matching which requires users to enter the number displayed on the sign-in screen, and Additional Context which adds the app the user is signing into as well as their IP location. Why are these important? Well, imagine a user who simply - without thought - approves an authenticator request when it pops up on their device. What if that approval isn't actually legit at all. What if it's a malicious actor who has phished the users credentials and knows that if they periodically enter the username and password, that there is a high probability the user will approve the request. By default authenticator doesn't ask you to take any further actions apart from approval or denial nor does it make you second guess that. It doesn't give you any information to say what app is being accessed or where they are signing in from. If I put my security hat on that's problematic especially when accessing apps such as Teams which could contain a lot of sensitive information. So two nice adds to the authentication experience. They make the user more mindful and this should - in theory at least - harden the security posture.