MFAWatch

MFAWatch is a mobile + desktop companion that detects and blocks “MFA fatigue” attacks (push-bombing) and suspicious login patterns before users accidentally approve them. It sits between your identity provider and your users via lightweight connectors (Microsoft Entra ID, Okta) and a device-side app that enforces smart approval rules: rate limits, geo-velocity checks, impossible travel, new device risk, and “confirm the number” challenges. Admins get a simple policy dashboard, incident timeline, and one-click user lockdown when a push storm starts. Users see a clear, minimal prompt that explains why a request is risky, reducing blind approvals. This is not a new authenticator; it’s a protective layer that hardens existing MFA deployments without forcing a full migration to passkeys on day one.
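A sketch of how the approval rules named above (rate limit, impossible travel, new device, number challenge) could be combined into one decision per push request. This is an added example, not MFAWatch code; the `PushPolicy` class, its field names, the thresholds and the sample events are all assumptions made for illustration.

```python
import math
from collections import defaultdict, deque

# Assumed policy thresholds (hypothetical, not taken from the page).
MAX_PUSHES = 3        # pushes tolerated per user inside WINDOW_S
WINDOW_S = 300        # sliding window length in seconds
MAX_SPEED_KMH = 900   # implied speed above this counts as impossible travel

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two coordinates, in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

class PushPolicy:
    def __init__(self):
        self.recent = defaultdict(deque)  # user -> timestamps of recent pushes
        self.last_ok = {}                 # user -> (ts, lat, lon) of last approved login
        self.devices = defaultdict(set)   # user -> device ids seen on approved logins

    def record_approval(self, user, ts, lat, lon, device_id):
        self.last_ok[user] = (ts, lat, lon)
        self.devices[user].add(device_id)

    def evaluate(self, user, ts, lat, lon, device_id):
        """Return (decision, reasons) for one incoming push request."""
        reasons, q = [], self.recent[user]
        while q and ts - q[0] > WINDOW_S:   # drop pushes that left the window
            q.popleft()
        q.append(ts)
        if len(q) > MAX_PUSHES:
            reasons.append("push_storm")
        prev = self.last_ok.get(user)
        if prev:
            hours = max(ts - prev[0], 1) / 3600   # floor at 1 s to avoid dividing by zero
            if haversine_km(prev[1], prev[2], lat, lon) / hours > MAX_SPEED_KMH:
                reasons.append("impossible_travel")
        if self.devices[user] and device_id not in self.devices[user]:
            reasons.append("new_device")
        if "push_storm" in reasons:
            return "block", reasons               # never reaches the user's phone
        return ("number_challenge" if reasons else "allow"), reasons

def demo():
    # Constructed events: approved login in London, then 5 pushes from New York 1 h later.
    p = PushPolicy()
    p.record_approval("alice", 0, 51.5, -0.12, "laptop-1")
    return [p.evaluate("alice", 3600 + i * 20, 40.7, -74.0, "unknown-7")[0] for i in range(5)]
```

In the constructed run the first three requests are downgraded to a number challenge because of the travel and device signals, and the fourth and fifth are blocked outright once the rate limit trips.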
