On February 21, 2023, UWM IT will make security updates to the Microsoft Authenticator App. This update is required by Microsoft to increase security and reduce accidental approvals. The update requires users to enter the number displayed on the sign-in screen when approving an MFA request in the Authenticator app. This change only applies to the use of the Microsoft Authenticator App Push Notification option. All other authentication processes will remain the same. Please refer to the images below for more information about the updated process.
Microsoft Authenticator Application notifications will also display additional context indicating app and location, based on IP address, used in the authentication request. Please Note: Location is based on the IP address used in the authentication request which may not always map to the physical location of the user.
When logging into UWM systems and authenticating using the Microsoft Authenticator App push notification, you will now see a number displayed in the sign-in prompt on screen. On your mobile device you will receive a push notification. When you open the push notification, you will see the location map of the IP address where you are attempting to sign in, and a prompt with a text box and number pad to match the number on screen. Enter the number from the sign-in prompt on screen, and tap Yes to approve the sign in.
Authentication request screen with number matching
MS Authenticator App Push Notification Screen with number matching and additional context
Please Note: If the location map presented in the prompt does not match your physical location, this could be for reasons such as IP Address location, VPN use, and cell phone tower location. If you receive a prompt that you did not initiate, do not approve the prompt. Additionally, Microsoft Authenticator app will no longer support the use of the Apple Watch for sign-in approvals.
Can I opt out of this change? This change is a mandatory security upgrade by Microsoft, however, it only is being applied to the Microsoft Authenticator App Push Notification method. If you wish to avoid number matching and location mapping during authentication, you can change your primary method to call or text and you will no longer be prompted to authenticate via the Microsoft Authenticator App. For more information about changes to the Microsoft Authenticator App, please review this article. If you need assistance regarding this topic, please contact the UWM Help Desk.