ADVERTISEMENT

Researchers bypass Microsoft’s MFA by simply guessing possible 6-digit codes

Microsoft accounts, including Outlook, OneDrive, Teams, Azure Cloud, and more, had no rate limiting, and potential attackers could bypass the multifactor authentication just by guessing authenticator app codes. And what's even more worrying, according to the Oasis Security report, is that users weren’t provided with any notification or indication of trouble.

Microsoft sign in

Image by Shutterstock.

Ernestas Naprys
Ernestas Naprys Senior Journalist
Dec 12, 2024 Updated: 12 December 2024 2 min read
ADVERTISEMENT
Ernestas Naprys Gintaras Radauskas jurgita Niamh Ancell BW
Don’t miss our latest stories on Google News
Add us as your Preferred Source on Google.
ADVERTISEMENT