Microsoft’s MFA is so strong, it locked out users for 8 hours | Cyber Security
Cyber Security

Microsoft’s MFA is so strong, it locked out users for 8 hours | Cyber Security

Related Posts

How AI, Machine Learning, and Endpoint Security Overlap

11 Useful Security Tips for Securing Your AWS Environment

 

On 19 November at 04:39 UTC (23:39 EST), Microsoft Office 365 and Azure Active Directory started reporting that they were unable to access the multi-factor authentication (MFA) system or reset passwords, locking them out of their accounts.

When Microsoft’s cloud authentication is working correctly, users should be able to authenticate their username and password credentials via text message, phone call, app verification code, or push request.

This, it turned out, was no mere hiccup, with problems for users across Europe, Asia-Pacific and the Americas continuing for at least eight – a long time for users to be unable to log into such an important business platform.

Microsoft eventually offered an explanation:

Preliminary root cause: A recent update to the MFA service introduced a coding issue that prevented users from being able to sign in or carry out self-service password resets when using MFA for authentication.

Twitter complaints soon rolled in on a scale ranging from annoyed to angry:

Which is to say, admins couldn’t even temporarily turn off MFA for users as they were locked out by the same issue.

In theory, only organisations hosting Azure MFA on their own servers rather than through Microsoft’s infrastructure would have been unaffected by this.

You might also like

Google Launches Cybersecurity Career Certificate Program

ChatGPT Emerges as Key AI Tech for Security Vendors

Hackers Use HTML Smuggling To Distribute Malware by E-mail

5 safety tips to follow while making digital payment transactions

Leave A Reply

Your email address will not be published.