Microsoft Adds Riddles to MFA: users weary of this query

by | Apr 1, 2024 | Office 365, Windows

How the tech giant is testing your wit with its latest security feature 
Four puzzle pieces coming together in the Microsoft bran colors

April 1, 2024: If you use Microsoft products, you may have noticed a new challenge when you try to log in to your account. Instead of the usual code or notification, you are presented with a riddle to access your email, files, or apps.  

This is not a glitch. It is a new feature by Microsoft as part of its ongoing efforts to improve security and user experience. 

According to a blog post by the company, the riddles are designed to “enhance the user experience” and “ensure bots are unable to gain access.” The riddles are randomly generated from a pool of thousands and range from easy to hard.  

There is a riddle large language model in the works so that AI can generate more on command. The AI system will be called SphynxThinkx.  

Some examples of the riddles you may come across are: 

  1. I am not alive, but I grow; not human, but I eat; not a plant, but I need air; not a machine, but I can die. What am I? 
  1. I have many keys, but no doors or locks. I have space, but no room. You can enter, but can’t go outside. What am I? 
  1. I have cities but no houses. I have mountains but no trees. I have water but no fish. What am I? 

The blog post claims that the riddles are not only fun, but also effective in preventing unauthorized access.  

Microsoft VP of Security Improvements D. Cyfer commented, “Riddles are a form of cognitive authentication, which requires the user to demonstrate their intelligence and creativity. Unlike passwords or codes, riddles cannot be guessed, hacked, or stolen. This is the next step in multifactor authentication; we are happy to be leaders in this exciting new path.” 

Many users have expressed their dissatisfaction with the new riddle feature, which they find annoying, impractical, and insecure. They argue that the riddles interfere with their productivity, as they must spend time and effort solving them before accessing their files or programs. If you are one of the frustrated users, don’t worry. The riddles are only a temporary feature and will be removed soon.  

At SpireTech, we are always on the lookout for the latest trends and innovations in the tech industry and strive to always use the latest technologies to keep your data safe. 

We also have a sense of humor and appreciate a good prank. We hope you have a laugh and a challenge with the riddles, and don’t forget to check your security settings regularly.  

Happy April Fool’s! Did we get you? 

Riddle Answers: 

1. Fire 

2. A keyboard 

3. A map