cancel
Showing results for 
Search instead for 
Did you mean: 

Push bombing mitigation

kramachandran
JumpCloud Alumni
JumpCloud Alumni

Push_bombing mitigation.png

JumpCloud Protect will enforce a limit on concurrent push notification attempts per resource to reduce push bombing or MFA fatigue risks.  User can re-attempt Push MFA for that resource login after the user has approved or denied the transaction or the push attempt has expired. This applies to user portal login, application access, password reset, and device login. Admins will have the option to turn off or increase the limit of allowed concurrent push notification attempts through an admin console setting with default limit value being 1.

The feature is expected to be on a slow roll out from Apr 11, 2023.

admin_console_settings.png

kramachandran_0-1678736967087.png

 

 

 

 

 

Please check out our blog and Knowledge base article on incorporating additional measures to organization's accounts to increase your security posture.

Blog: https://jumpcloud.com/blog/push-bombing-mfa-fatigue

kb: https://jumpcloud.my.site.com/support/s/article/Configuring-JumpCloud-Protect-for-Administrators

0 REPLIES 0