Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
MFA fatigue, or push bombing, floods a user with repeated MFA approval prompts until they accept one, granting the attacker access.
MFA Fatigue Definition: MFA fatigue, or push bombing, floods a user with repeated MFA approval prompts until they accept one, granting the attacker access.
MFA fatigue, also called push bombing or prompt bombing, is a social-engineering attack in which an adversary who already holds valid credentials repeatedly triggers multi-factor authentication push notifications until the frustrated or confused user approves one. Defenses include number matching, push throttling, and phishing-resistant FIDO2 or passkey authentication that removes the simple approve prompt.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →