It is important to note that the default sign-in method will remain unchanged if users have a different default authentication method set. Only users with Microsoft Authenticator as their default method, and falling within specific policy criteria, will experience the number matching approval process after May 8, 2023.
To further strengthen security against MFA fatigue attacks, organizations can implement additional measures, such as restricting the number of authentication requests, notifying administrators or locking accounts if the allowed limit is exceeded.
