{"id":1248,"date":"2026-01-16T08:00:33","date_gmt":"2026-01-16T13:00:33","guid":{"rendered":"https:\/\/www.montclair.edu\/phish-files\/?p=1248"},"modified":"2026-01-21T15:43:19","modified_gmt":"2026-01-21T20:43:19","slug":"duo-mfa-fatigue","status":"publish","type":"post","link":"https:\/\/www.montclair.edu\/phish-files\/2026\/01\/16\/duo-mfa-fatigue\/","title":{"rendered":"MFA Fatigue: When \u201cApprove\u201d Is the Wrong Choice"},"content":{"rendered":"<p data-start=\"153\" data-end=\"447\">Multi-Factor Authentication (MFA) is essential for keeping campus accounts and data secure. By requiring a second verification\u2014like a push notification, text, or token\u2014MFA helps protect sensitive research, personal data, and university systems. But there\u2019s a growing concern: <strong data-start=\"429\" data-end=\"444\">MFA fatigue<\/strong>.<\/p>\n<p data-start=\"153\" data-end=\"447\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.montclair.edu\/phish-files\/wp-content\/uploads\/sites\/290\/2025\/12\/How-Does-MFA-Fatigue-Work.png\" alt=\"\" width=\"853\" height=\"640\" \/><\/p>\n<h2 data-start=\"449\" data-end=\"475\">What is MFA Fatigue?<\/h2>\n<p data-start=\"476\" data-end=\"715\">MFA fatigue occurs when users are repeatedly prompted to approve authentication requests\u2014sometimes dozens of times a day. This can create stress and frustration, leading users to reflexively click \u201cApprove\u201d without verifying the request.<\/p>\n<p data-start=\"717\" data-end=\"949\">Cybercriminals exploit this behavior through tactics like <strong data-start=\"775\" data-end=\"794\">\u201cpush bombing,\u201d<\/strong> sending multiple approval requests to trick users into granting access. A fatigued click on \u201cApprove\u201d can give attackers instant access to your account.<\/p>\n<hr data-path-to-node=\"6\" \/>\n<h2 data-start=\"951\" data-end=\"982\">Why Higher Ed is a Target<\/h2>\n<p data-start=\"983\" data-end=\"1239\">Universities store vast amounts of personal and research data, making them high-value targets. With students, faculty, and staff logging in from multiple devices and locations, MFA fatigue creates an opportunity for attackers to gain unauthorized access.<\/p>\n<hr data-path-to-node=\"6\" \/>\n<h2 data-start=\"1241\" data-end=\"1282\">Do\u2019s and Don\u2019ts to Protect Yourself<\/h2>\n<h3 data-start=\"1284\" data-end=\"1293\"><strong data-start=\"1284\" data-end=\"1291\">Do:<\/strong><\/h3>\n<ul data-start=\"1294\" data-end=\"1932\">\n<li data-start=\"1294\" data-end=\"1383\">\n<p data-start=\"1296\" data-end=\"1383\"><strong data-start=\"1296\" data-end=\"1323\">Pause before approving:<\/strong> If you didn\u2019t initiate the login, it\u2019s likely suspicious.<\/p>\n<\/li>\n<li data-start=\"1384\" data-end=\"1530\">\n<p data-start=\"1386\" data-end=\"1530\"><strong data-start=\"1386\" data-end=\"1418\">Switch to Duo Verified Push:<\/strong> This method shows login details like device and location, making it easier to identify unauthorized attempts.<\/p>\n<\/li>\n<li data-start=\"1531\" data-end=\"1654\">\n<p data-start=\"1533\" data-end=\"1654\"><strong data-start=\"1533\" data-end=\"1579\">Contact the IT Service Desk if you can\u2019t switch:<\/strong> The IT Service Desk can help ensure your account is using the safest MFA method.<\/p>\n<\/li>\n<li data-start=\"1655\" data-end=\"1758\">\n<p data-start=\"1657\" data-end=\"1758\"><strong data-start=\"1657\" data-end=\"1688\">Report fraudulent requests:<\/strong> If you did not initiate the request, hit Fraud in the Duo mobile app.<\/p>\n<ul data-start=\"1294\" data-end=\"1932\">\n<li data-start=\"1655\" data-end=\"1758\">If you are unable to report the fraudulent request via the app, please contact the IT Service Desk.<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"1759\" data-end=\"1932\">\n<p data-start=\"1761\" data-end=\"1932\"><strong data-start=\"1761\" data-end=\"1822\">Report phishing emails with the Phish Alert Button (PAB):<\/strong> If you receive a suspicious email, report it immediately to help protect yourself and the campus community.<\/p>\n<\/li>\n<\/ul>\n<h3 data-start=\"1934\" data-end=\"1946\"><strong data-start=\"1934\" data-end=\"1944\">Don\u2019t:<\/strong><\/h3>\n<ul data-start=\"1947\" data-end=\"2434\">\n<li data-start=\"1947\" data-end=\"2061\">\n<p data-start=\"1949\" data-end=\"2061\"><strong data-start=\"1949\" data-end=\"1984\">Approve requests automatically:<\/strong> Clicking \u201cApprove\u201d just to stop notifications can compromise your account.<\/p>\n<\/li>\n<li data-start=\"2062\" data-end=\"2148\">\n<p data-start=\"2064\" data-end=\"2148\"><strong data-start=\"2064\" data-end=\"2089\">Ignore notifications:<\/strong> Unexpected prompts may indicate an attempted compromise.<\/p>\n<\/li>\n<li data-start=\"2149\" data-end=\"2337\">\n<p data-start=\"2151\" data-end=\"2337\"><strong data-start=\"2151\" data-end=\"2201\">Share your Duo codes or passwords with anyone:<\/strong> Attackers may pose as the IT Service Desk or use phishing forms (like Google Forms) to trick you into giving your credentials and MFA code.<\/p>\n<\/li>\n<li data-start=\"2338\" data-end=\"2434\">\n<p data-start=\"2340\" data-end=\"2434\"><strong data-start=\"2340\" data-end=\"2376\">Rely on less secure MFA methods:<\/strong> SMS or phone calls are easier for attackers to exploit.<\/p>\n<hr data-path-to-node=\"6\" \/>\n<\/li>\n<\/ul>\n<h2 data-start=\"2436\" data-end=\"2475\">Moving Toward Safer MFA Practices<\/h2>\n<p data-start=\"2476\" data-end=\"2691\">Using <strong data-start=\"2482\" data-end=\"2503\">Duo Verified Push<\/strong> is a safer, more informative way to authenticate. It reduces MFA fatigue by giving you context for each login attempt and helps you spot suspicious activity before it becomes a problem.<\/p>\n<p data-start=\"2693\" data-end=\"2974\"><strong data-start=\"2693\" data-end=\"2706\">Remember:<\/strong> Not every \u201cApprove\u201d request is safe. Switch to Duo Verified Push, pause before approving, never share your codes or passwords, report suspicious emails with the PAB, and contact the Help Desk if you need assistance. Your vigilance keeps our campus community secure.<\/p>\n<hr data-path-to-node=\"6\" \/>\n<h2 data-start=\"553\" data-end=\"653\">Want to Know More?<\/h2>\n<p>Google | <a href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/phishing-targeting-higher-education\">Phishing Campaigns Targeting Higher Education Institutions<\/a><\/p>\n<p>sosafe| <a href=\"https:\/\/sosafe-awareness.com\/en-us\/glossary\/mfa-fatigue-attack\/\">MFA Fatigue Attack<\/a><\/p>\n<p>One Identity | <a href=\"https:\/\/www.oneidentity.com\/learn\/what-is-mfa-fatigue.aspx\">What is MFA fatigue<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Multi-Factor Authentication (MFA) is essential for keeping campus accounts and data secure. By requiring a second verification\u2014like a push notification, text, or token\u2014MFA helps protect sensitive research, personal data, and university systems. But there\u2019s a growing concern: MFA fatigue. What is MFA Fatigue? MFA fatigue occurs when users are repeatedly prompted to approve authentication requests\u2014sometimes [&hellip;]<\/p>\n","protected":false},"author":349,"featured_media":625,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[],"class_list":["post-1248","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/users\/349"}],"replies":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/comments?post=1248"}],"version-history":[{"count":7,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1248\/revisions"}],"predecessor-version":[{"id":1297,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1248\/revisions\/1297"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media\/625"}],"wp:attachment":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media?parent=1248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/categories?post=1248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/tags?post=1248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}