Push methods fail because the attacker targets the person, not the system. Repeated prompts create fatigue, and impersonation of IT or help desk staff can make approval seem legitimate. The control can still be technically functioning while the user is socially engineered into authorising access.
Why This Matters for Security Teams
Push-based MFA is often treated as a strong second factor, but real attacks target the approval decision, not the authentication protocol. When an attacker can trigger repeated prompts, impersonate support staff, or create urgency, the control still works technically while the human is manipulated into granting access. That makes this a people-and-process failure as much as an identity failure.
For security teams, the risk is broader than account takeover. A single approved push can expose email, VPN, SaaS consoles, and downstream admin tools, especially where one identity unlocks multiple systems. NHIMG’s Ultimate Guide to NHIs — Key Challenges and Risks shows how identity abuse compounds quickly once trust is misplaced, and CISA regularly warns that social engineering remains a common entry path in active intrusions via its cyber threat advisories.
In practice, many security teams discover push fatigue after an initial foothold has already been used to move laterally, not during a controlled access review.
How It Works in Practice
Push MFA fails in the real world because it assumes the user can reliably distinguish a legitimate login from an attacker-driven prompt flood. That assumption breaks under fatigue, urgency, and support impersonation. Attackers often combine password reuse, session hijacking, or stolen primary credentials with repeated push requests until the user approves out of habit or confusion.
Current guidance suggests treating push approval as a weak signal unless it is paired with number matching, phishing-resistant factors, device binding, and contextual checks. The strongest programs are shifting toward 52 NHI Breaches Analysis-style lessons learned: access decisions should reflect the trustworthiness of the session, device, and request context, not just the presence of a notification. The Anthropic report on AI-orchestrated cyber espionage reinforces a related point: attackers increasingly automate the social and technical steps needed to convert one weak approval into a broader compromise.
- Replace bare push approvals with phishing-resistant MFA such as hardware-bound authenticators where possible.
- Require number matching or challenge-response to reduce blind approval.
- Detect MFA fatigue patterns, including repeated prompts in short windows and unusual geo-velocity.
- Use help desk controls that verify identity through independent channels before resetting factors.
- Apply step-up verification for high-risk actions, not only for initial login.
Teams should also instrument MFA events alongside identity telemetry, because the approval itself is only one signal in a broader attack chain. Top 10 NHI Issues is a useful reminder that identity controls fail fastest when trust is broad, implicit, and poorly monitored. These controls tend to break down in environments with legacy VPNs, shared administrative access, or high-volume help desk reset workflows because the attacker can pressure both the user and the support process at the same time.
Common Variations and Edge Cases
Tighter MFA controls often increase user friction and support load, so organisations have to balance phishing resistance against operational usability. That tradeoff is real, especially in remote work, executive access, and bring-your-own-device environments where device binding and hardware keys are harder to standardise.
There is no universal standard for this yet, but current guidance suggests that push MFA should be phased out first for privileged accounts, finance workflows, and any access path that can lead to admin token theft. Risk is higher when one approved session grants access to many downstream systems, because the attacker only needs one success to pivot broadly. NHIMG’s Ultimate Guide to NHIs — Why NHI Security Matters Now frames this as an identity trust problem, not just an authentication preference.
The practical exception is low-risk consumer-style access where phishing-resistant options are not yet deployable. Even there, organisations should treat push as transitional and pair it with session monitoring, stronger recovery controls, and user training that specifically addresses impersonation and fatigue attacks.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 and OWASP Agentic AI Top 10 address the attack and risk surface, while NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Weak auth approvals enable identity compromise and token abuse. |
| OWASP Agentic AI Top 10 | A2 | Prompt abuse and manipulated approvals mirror agent trust failures. |
| NIST AI RMF | GOVERN | Human-in-the-loop approval risks need accountable governance. |
Replace weak push-only approvals with phishing-resistant identity controls and monitored recovery paths.
Related resources from NHI Mgmt Group
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on June 8, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
