Catch-22: iOS MS Authenticator Prompt Blocks the Number Matching Codes

nya 15 Reputation points
2023-02-22T20:25:18.1533333+00:00

We've started piloting a small group at our organization with number matching MFA, as Microsoft will enforce number matching in May 2023. We are NOT using conditional access, but are currently on per-user MFA.

Some iOS users have reported issues when they need to reauthenticate the Outlook app on their iPhones with Microsoft Authenticator installed. They are redirected from Outlook to Microsoft Authenticator to enter a password, and before the user is presented with a two-digit code, the notification prompts show up, completely covering the two-digit code needed for number matching.

User-submitted image - The two-digit code is hidden behind the prompt.

Microsoft Authenticator blocking the number matching number

There is no option to temporarily hide the notification prompt or peek behind the notification. Maybe the app/geolocation displayed is causing the issue, but we would like to keep them displayed. You will be able to see the two-digit code once you select 'No, it's not me', but obviously the code is now invalid, and generating a new two-digit code will push new notification prompt to block the newly generated number.

The current workaround is to select "No it's not me", then hit "Get Codes", copy one-time passcode, "I can't use my Microsoft Authenticator app right now", then select OTP, then paste the code, but the workaround is not practical for average users. Good thing Outlook for iOS is logged in persistently but we expect to get more calls with the upcoming number matching deadline in May.

Has anyone experienced a number matching issue on Microsoft Authenticator with iOS? Just wait for MS to update the app?

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
6,813 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,694 questions
{count} votes

6 answers

Sort by: Most helpful
  1. Andy David - MVP 147.9K Reputation points MVP
    2023-02-23T12:02:42.2366667+00:00

    The users should be able to switch apps on the Iphone. Thats what I do when I see this and then switch back to the auth prompt to enter the numbers.

    1 person found this answer helpful.

  2. Andy David - MVP 147.9K Reputation points MVP
    2023-02-23T21:45:14.69+00:00

    Unfortunately, I haven't seen that or heard of any issues like that :(

    We've had number matching enabled since it was first in preview and I haven't seen this, sorry.

    With passwordless auth and number matching, it works really well for us. That may be the only difference, you are using passwords.

    0 comments No comments

  3. Steve Bratt 0 Reputation points
    2023-03-20T13:09:44.71+00:00

    Yes… This is a real problem because I just had it. You can’t switch between the apps, because authenticator is actually showing both parts. There is an option to hide the code entry dialogue, which says it will hide it for 15 seconds, but iOS puts a timer or ‘waiting’ dialogue in front of the codes. I had to select the I can’t use authenticator right now dialog and get a text code.

    0 comments No comments

  4. Steve Bratt 0 Reputation points
    2023-03-20T13:10:43.8233333+00:00

    User's image


  5. Andy David - MVP 147.9K Reputation points MVP
    2023-03-20T13:12:17.9433333+00:00

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.