Microsoft Authenticator Push Notification Variations
Have you ever noticed some behavior that made you think "That's different"? I noticed this with push notifications a while back. Microsoft supports more than one Push Notification usage pattern in their Microsoft Authenticator application. Sometimes you will see more than one of them with the same account across different sites within the same organization. Push Notifications are more integrated with the authenticator application. The server indirectly sends a message to registered Authenticator applications. The user interacts with the Authenticator app and the app sends the response back to the server. MFA happens in the authenticator app from the human's point of view. Microsoft Authenticator also supports TOTP tokens as an alternative to Push Notifications. TOTP generates numeric sequences that can be used as part of MFA. Numbers change on a regular cadence. The user provides the current token value shown in the Authenticator app when a server asks for ...