Microsoft has removed a key obstacle facing organizations seeking to deploy phishing-resistant multifactor authentication (MFA) by enabling certificate-based authentication (CBA) in Azure Active Directory. This comes as experts anticipate advanced phishing attacks will rise next year. “I think social engineering and MFA bypass attacks will continue to grow in 2023, where some other major service providers suffer meaningful breaches like we did this year,” Andrew Shikiar says.