Because many users are so familiar with the process of accepting a push request, MFA fatigue might lead them to absent-mindedly or accidentally hit the “accept” button, even if it’s not them. From there, the attacker has the freedom to roam a company’s internal resources. As people and organ...