Idea ID: 2874250

Competitive feature request: Add "Number Matching" to Pushes via NetIQ Auth app to guard against MFA Fatigue attacks

Elfstone
Status: New Idea

A social engineering technique called 'MFA Fatigue', aka 'MFA push spam', is growing more popular with threat actors as it does not require malware or phishing infrastructure and has proven to be successful in attacks.

Here's a good, recent description of the TTP that has been trending in cybersecurity industry news for the past year or so:

MFA Fatigue: Hackers’ new favorite tactic in high-profile breaches

Most of your top-tier competitors have released product updates this year to address this problem. Some examples are below:

  • Competitor implementation: Azure MFA (Number Matching)

Use number matching in multifactor authentication (MFA) notifications - Azure Active Directory - Microsoft Entra | Microsoft Learn

  • Competitor implementation: Cisco DUO (Verified Duo Push)

Duo Administration - Policy & Control | Duo Security

  • Competitor implementation: Okta (Number Challenge)

Configure Okta Verify

  • Is it a solution to disable the push notification in general, as a policy? Then the user must proactively open the app to accept/decline the auth request.


    Thank you for taking the time to bring this point to our attention.
    The team had started looking into this trend and I will bring your additional comments to their attention as well.