Forum Discussion
Solved
Approve login - Relation information
Hi All
To explain my questions a little bit:
- Sometimes Outlook needs a new Token a login-window appears - but I cannot see if this is from Outlook or from a source that I should not approve.
- Lately I had to connect to a rdp via a tdp gateway and the Authentictor App beeped. I feel uncomfortable about the experience: How can I know that this my request and not a hacker that knows my password?
So my questions:
- Exists a setting in windows / setting in AAD/ tool /browser plugin / ... to show more information about the login request (for a Windows Application)?
- Is there a setting in the Microsoft Authenticator app to show more information about the request?
AppRegistration, Source IP?
Or is this feature request?
txs Flori
- Hi BilalelHadd
May be it's overcautious,
- I cannot see which Application triggers the login.
How do I know if it is Outlook, Teams or any malware?
- I cannot see the relation of the login and the approve. The only relation is the time.
Checking the login after 10 minutes .. What about checking before approve?
cu Flori
- Hi Florian,
Quite simple, if you didn't sign in, don't accept the challenge.
You can manage the sign-in logs to view the MFA requestor within the Azure Portal - > Azure Active Directory > Select the user > Sign-in logs. There is a delay of approx—10 min. There you can filter by Device, Source IP, Application, etc. You can also monitor if an MFA challenge was accepted or rejected.
I hope this helps!- Hi BilalelHadd
May be it's overcautious,
- I cannot see which Application triggers the login.
How do I know if it is Outlook, Teams or any malware?
- I cannot see the relation of the login and the approve. The only relation is the time.
Checking the login after 10 minutes .. What about checking before approve?
cu Flori- I have some good news for you, Microsoft just listened to your request 😉 See the following blog post of Jan Bakker on how to enable the new functionally. Keep in mind that this is not officially supported yet. So don't enable the feature in production.
https://janbakker.tech/enable-location-information-and-code-match-for-azure-mfa/
