Redis Overload to Blame for 17-Hour Azure MFA Login Crisis

Published at CBR on Nov 20, 2018 by CBR Editor 

“Requests from MFA servers to Redis Cache in Europe reached operational threshold causing latency and timeouts”

A 17-hour-long hiccup that prevented Microsoft Azure users with multi-factor authentification (MFA) set from logging in to their accounts was down to an overloaded Redis cache, Microsoft said Tuesday.

The issue suggests Microsoft may not have been ready for the extent of MFA uptake by increasingly security-conscious Azure users.

Redis is an in-memory database that persists on disk. Many users deactivated their MFA. Others were unable to do so. Microsoft in part fixed the issue by “cycling” (restarting) its servers.

The cause of similar issues for Office 365 users meanwhile was attributed to a “coding issue” following updates to its MFA services, Microsoft added, saying it is monitoring the situation to ensure service is uninterrupted.

Read Full Article