> I can't understand why someone would do that. People are really careless...
A lot of of it is probably carelessness but there are a lot of configurations out there that train users to accept random MFA requests. For example, some vpn configurations send MFA requests when they reauth at essentially random times.
It's pretty easy - you're asleep, phone sound/vibration wakes you up, you're on call so you pick up the phone, it face unlocks, through your unfocused eyes you see a thumbprint icon and aren't sure if face unlocked worked in the dark, so you touch it.
A second later you're wide awake and wondering what the hell was that mfa for...
A lot of of it is probably carelessness but there are a lot of configurations out there that train users to accept random MFA requests. For example, some vpn configurations send MFA requests when they reauth at essentially random times.