By NHI Mgmt Group Editorial Team
Published 2025-09-16
Domain: Governance & Risk
Source: Axiad

TL;DR: MFA fatigue attacks exploit push notification overload to trick users into approving access, and Expel reports that 80% of successful business account compromise attacks occurred on accounts already protected by MFA. The lesson is that authentication design must assume user manipulation, not just credential theft.


At a glance

What this is: An analysis of MFA fatigue attacks and why repeated push prompts can be abused to bypass authentication controls.

Why it matters: IAM teams need controls that withstand social engineering across human identity programmes, and the same lessons inform adjacent NHI and autonomous access patterns that depend on trust in authentication events.

By the numbers: Expel reports that 80% of successful business account compromise attacks occurred on accounts already protected by MFA.



Context

MFA fatigue attacks are a form of push-based social engineering that exploits user behaviour rather than breaking cryptography. The primary identity problem is human IAM, because the attacker relies on a person accepting repeated prompts until the authentication barrier collapses.

The broader governance issue is that many authentication programmes still assume a single challenge is a reliable signal of intent. Once attackers can flood the user with notifications, the control stops delivering assurance and becomes a channel for sustained pressure on the user.


Key questions

Q: How should security teams reduce the risk of MFA fatigue attacks?

A: They should limit push-based approvals for high-risk access, use phishing-resistant authenticators, and suppress repeated prompts that create user fatigue. Authentication controls also need risk signals such as device change, location change, and unusual access timing so the system can stop treating every prompt as equally trustworthy.

Q: Why do MFA fatigue attacks still work when MFA is already deployed?

A: They work because MFA often assumes a legitimate user will distinguish a real prompt from an attacker-generated one. When attackers can trigger repeated notifications, the control becomes a behaviour test rather than a cryptographic barrier, and the human is the weakest part of the chain.

Q: What breaks when organisations rely on push notifications for sensitive access?

A: The trust model breaks. Push notifications can be worn down, manipulated, or confused with legitimate activity, so the approval no longer proves intent. Sensitive applications need stronger step-up controls and transaction-aware authentication, especially when the user session is already under stress.

Q: Should organisations replace MFA or improve it with stronger factors?

A: They should improve it with stronger factors rather than abandon it. Passwordless methods and public key-based authenticators reduce credential theft and prompt fatigue exposure, while step-up controls keep the strongest checks for the highest-risk actions instead of forcing them on every login.


Technical breakdown

Push prompt fatigue as an authentication failure mode

MFA fatigue works by turning a valid authentication flow into a denial of attention. An attacker repeatedly triggers push prompts after obtaining a password or session entry point, then waits for the user to approve one of them out of habit, confusion, or annoyance. The control failure is not MFA itself but the trust model behind it: a push approval is treated as meaningful assurance even when the request is unexpected, repeated, and decoupled from user intent.

Practical implication: reduce reliance on approval-based push prompts for sensitive access paths.

Why phishing-resistant authenticators change the trust model

Phishing-resistant authenticators use public key cryptography so the approval event is bound to the origin and transaction context instead of a reusable secret or a generic prompt. That matters because MFA fatigue attacks exploit transportable trust, not just stolen credentials. When the factor cannot be replayed, proxied, or repeatedly prompted into acceptance, the attacker loses the easiest path from credential theft to account compromise.

Practical implication: require phishing-resistant authenticators for high-risk user populations and applications.

Session controls and step-up checks around sensitive access

Even strong MFA at login does not protect every downstream action. If an attacker gets a valid session after prompt fatigue, they may still reach sensitive applications unless additional checks exist for risky activity, new device enrolment, location shifts, or privilege elevation. In practice, the authentication event must be linked to the action being taken, not only to the initial sign-in.

Practical implication: add step-up controls when access scope changes or critical applications are reached.


Threat narrative

Attacker objective: The attacker wants to turn user annoyance into authenticated access that can be used to reach the victim’s account, device, or sensitive applications.

  1. Entry occurs when an attacker obtains a user password through phishing or another credential theft method and begins generating repeated MFA push prompts.
  2. Escalation occurs when the user approves one of the prompts after fatigue, confusion, or a deceptive help desk message, which gives the attacker authenticated access.
  3. Impact occurs when the attacker uses that access to reach the account or device and then move into sensitive applications or data.
  4. The attacker objective is to convert a social-engineering prompt into legitimate authenticated access without needing to bypass the MFA system technically.



NHI Mgmt Group analysis

Push-based MFA is a human behaviour control, not a reliable assurance control. MFA fatigue attacks succeed because the attacker is not defeating cryptography first. They are exploiting approval habits, notification overload, and the assumption that a user tap equals intent. For IAM programmes, that means the control is only as strong as the human response pattern behind it. Practitioners should treat repeated push approval as a governance weakness, not a user inconvenience.

Phishing-resistant authenticators reduce the approval surface, which is where this attack lives. When authentication depends on an approval prompt that can be repeated until someone gives in, the organisation has created a stateful pressure channel. Public key-based authenticators remove the reusable secret and bind the factor more tightly to the transaction context. The field lesson is simple: if the factor can be socially worn down, it is not resilient enough for high-risk access.

Identity attack surface is widening because MFA policy design still overestimates user discernment. This is not just a login issue. It affects session trust, help desk workflows, privileged access, and the assumptions behind step-up authentication for sensitive applications. The implication is that authentication governance must be built around action sensitivity and user-verification boundaries, not around a single gate at sign-in.

MFA fatigue shows how quickly a weak human control can become an account take-over path. Once attackers can pair stolen credentials with repeated prompts, the remaining defence is often a tired user. That makes prompt management, phishing-resistant factors, and risk-based access decisions part of the same control plane. Practitioners should stop treating MFA as a box to tick and start treating it as a trust architecture.

From our research:

  • 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to Ultimate Guide to NHIs.
  • Only 5.7% of organisations have full visibility into their service accounts, which means most identity programmes are still operating with partial control-plane awareness.
  • That visibility gap is why teams should also review 52 NHI Breaches Analysis for recurring credential and lifecycle failure patterns that persist beyond human MFA issues.

What this signals

Prompt fatigue is a warning sign that authentication governance is still too user-centric. When organisations rely on humans to detect synthetic pressure, they create a brittle control that fails under sustained prompting. The practical shift is toward phishing-resistant authenticators, contextual step-up, and session policies that react to risk instead of assuming user judgment will hold.

The same architectural lesson now applies beyond human login. As access programmes expand into service accounts, workload identities, and agentic systems, the industry should expect stronger linkage between authentication events, action sensitivity, and lifecycle control. Teams that separate those concerns will keep seeing the same trust failure in different forms.


For practitioners

  • Reduce push prompt dependence for sensitive access: Prioritise phishing-resistant authenticators for users who access admin consoles, finance systems, customer data, or privileged workflows. Keep push approval only where the business impact of prompt abuse is low and the access scope is narrow.
  • Limit repeated MFA attempts and trigger risk review: Set thresholds for repeated MFA requests, unusual geolocation changes, and new-device enrolment so the system can suppress noise and escalate suspicious patterns for review instead of continuing to prompt.
  • Add step-up checks at sensitive application boundaries: Require additional verification when users move from normal login into applications that hold sensitive data or elevated privileges, especially if the session origin, location, or device posture changes.
  • Train users on prompt flooding and help desk impersonation: Teach employees to treat unexpected notification bursts as a warning sign and to report any request to approve MFA that they did not initiate, including messages claiming to be from support.
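
Taking the push-flood failure mode from the technical breakdown together with the threshold guidance in the list above, here is an added Go example (not the project's or Axiad's own code) that runs a sliding-window prompt counter over a constructed push log: once the threshold is reached the user is marked for prompt suppression and risk review, and an approval that lands after that flood is raised as an alert rather than accepted as intent. The event names, the threshold and the window are assumptions for the example.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// Constructed sample push log (not real telemetry): RFC3339 timestamp, user, event.
const sampleLog = `2025-09-16T08:00:01Z alice push_sent
2025-09-16T08:00:25Z alice push_sent
2025-09-16T08:00:50Z alice push_sent
2025-09-16T08:01:10Z alice push_sent
2025-09-16T08:01:45Z alice push_approved
2025-09-16T08:05:00Z bob push_sent
2025-09-16T08:05:09Z bob push_approved`

// evaluate returns one verdict per user: "suppress" once `threshold` prompts fall
// inside the sliding `window` (stop prompting and hand the user to risk review), and
// "alert" if an approval arrives after that flood, which is the fatigue success case.
func evaluate(raw string, threshold int, window time.Duration) (map[string]string, error) {
	sent := map[string][]time.Time{} // recent prompt times per user
	verdict := map[string]string{}   // users with no entry are unremarkable
	for _, line := range strings.Split(strings.TrimSpace(raw), "\n") {
		f := strings.Fields(line)
		if len(f) != 3 { return nil, fmt.Errorf("malformed log line: %q", line) }
		at, err := time.Parse(time.RFC3339, f[0])
		if err != nil { return nil, err }
		user := f[1]
		switch f[2] {
		case "push_sent":
			keep := sent[user][:0] // in-place filter: keep only prompts still inside the window
			for _, t := range sent[user] {
				if at.Sub(t) <= window {
					keep = append(keep, t)
				}
			}
			sent[user] = append(keep, at)
			if len(sent[user]) >= threshold && verdict[user] == "" {
				verdict[user] = "suppress"
			}
		case "push_approved":
			if verdict[user] == "suppress" {
				verdict[user] = "alert"
			}
		}
	}
	return verdict, nil
}
```

With a threshold of 4 prompts in 5 minutes the sample log yields alice as "alert" and leaves bob unflagged; a 30-second window flags nobody, which is the knob to tune against legitimate retry behaviour.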

Key takeaways

  • MFA fatigue succeeds because attackers exploit user behaviour, not because MFA lacks any value.
  • Expel’s finding that 80% of successful business account compromise attacks still occurred on MFA-protected accounts shows why push prompts alone are not enough.
  • Phishing-resistant authenticators, step-up checks, and prompt suppression are the controls most likely to limit this failure mode.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

NIST SP 800-63, NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework                    | Control / Reference | Relevance
NIST SP 800-63               |                     | MFA fatigue is an authentication assurance problem within digital identity controls.
NIST CSF 2.0                 | PR.AC-7             | Continuous identity verification matters when user approval can be socially manipulated.
NIST Zero Trust (SP 800-207) | PR.AC               | Zero Trust requires stronger assurance than a single push approval under attack.

Strengthen access verification with contextual signals and step-up controls for sensitive actions.


Key terms

  • MFA Fatigue Attack: A social-engineering attack that overwhelms a user with repeated authentication prompts until one is approved. The weakness is behavioural, not cryptographic. The attacker relies on annoyance, confusion, or urgency to turn a legitimate MFA workflow into unauthorised access.
  • Phishing-resistant Authenticator: An authentication factor that cannot be easily replayed, proxied, or tricked into disclosure by phishing. In practice, it uses public key cryptography and binds the authentication response to the legitimate origin and transaction context, reducing the value of stolen passwords or repeated prompts.
  • Step-up Authentication: An additional verification step triggered when risk increases, such as a new device, location change, or access to sensitive data. It is not a replacement for MFA. It is a way to match the strength of authentication to the sensitivity of the action being requested.

Deepen your knowledge

MFA fatigue, phishing-resistant authentication, and step-up access design are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are tightening identity controls across user and machine access, it is worth exploring.

This post draws on content published by Axiad: The Growing Problem with MFA Fatigue Attacks (And What You Can Do About It). Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2025-09-16.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org