Forum Discussion
tjamesdp
Aug 23, 2021Copper Contributor
Multi-Factor Authentication Push Notification Improvements
Hello-
I was curious to see if there was anyway to provide a little more detail in the actual push notification sent to the end-user as the current amount of information is very limited and does not give that user enough information to determine whether the push notification/MFA attempt is legitimate or malicious.
I was looking for a bit more detail similar to what other competitors provide within their push notifications such as the Location of the Push, Source IP of the authentication, and the application which the user is attempting to authenticate to.
Thanks!
- tjamesdpCopper Contributor
Bump
- Jerry GonzalezBrass ContributorI see what you are saying. Sometimes Onedrive on work laptop at home will cause MFA on the authenticator app or SMS text message. Then of course also an offsite person working on a non work device. So I do get calls from some people at the office getting the sms text messaging or app wondering where it is coming from.
Don't have an answer but good question.
- LeoAlonsoCopper ContributorI would always go for Conditional Access Policies instead only MFA. You can configure rules and conditions based on location for example. Frequency of MFA prompts outside of company VS inside. A lot.
Here is a good article:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
I hope that helps!