We are starting to deploy some Azure resources and we are evaluating whether we should keep Duo MFA or switch to Microsoft Authenticator. While Duo feels more user-friendly, there is one feature Microsoft has that I wish Duo did: Number Matching. Basically, for first-time or risky logins it displays a number on the web browser’s login screen which the user has to enter in their MFA app. This guarantees that they don’t accidentally approve an unrequested MFA prompt from muscle memory.
Hi @StoopidMonkey, thanks for your interest in Duo and for sharing your question here. While I can’t share details at this time, the Duo team is actively exploring ways to reduce push fraud, and there is an existing feature request for this functionality with a lot of customer support. I encourage you to ask your Duo sales representative for more information, as they may be able to share more details with you than I can in our public forum.