Hello!
Where am I seeing this?
- Subject: Exam AZ-900: Microsoft Azure Fundamentals
- Learning Path: Azure Fundamentals: Describe Azure architecture and services
- Module: Describe Azure identity, access, and security
- Unit: 3 of 11 Describe Azure authentication methods
Multifactor authentication is not completely immune to attack
This is certainly true. Security is a scale on which you can achieve high degrees of security but it's very difficult to say that anything is completely immune to an attack. We've definitely seen some impressive examples of this in headlines over the past several years.
An adversary-in-the-middle (also known as MITM) attack could effectively capture the form (or factor) of identification that is provided by something that the user has. Fortunately, this is time sensitive and orders of magnitude more difficult than methods used to bypass something that the user knows, which makes this type of attack less common than those made on password checks.
We'll pass this suggestion along to the content team however there was recently a major effort to make the Azure Fundamentals content less technical in order to focus on concepts. As a result, a change may complicate the training material too much for an introductory course at this time.
Thank you very much for your feedback!