- 06 Sep 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
2FA Fatigue Attack
- Updated on 06 Sep 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
A 2FA Fatigue Attack – also known as 2FA Bombing or 2FA Spamming – is a cyberattack strategy where attackers have gained access to the password of the target account and repeatedly send two-factor push authentication requests to the targets registered devices. The goal is to coerce the victim by exhaustion to approve them access into the application, thus authenticating the attackers attempt at entering their account.
To mitigate this Visma Authenticator App allows 5 push notifications to be ignored or denied before it suspends more attempts the next 30 minutes.