Microsoft to Transition to Passkeys, Retiring SMS and Voice MFA by 2027

Microsoft to Transition to Passkeys, Retiring SMS and Voice MFA by 2027

First seen 14 Jul 2026, 09:39 UTC Feeds.4Sysops 78% similarity 21.9

Article Content

Browse articles
ThreatCluster

Microsoft Entra ID will enforce passkeys as the default authentication method starting September 1, 2026, replacing SMS and voice-based multifactor authentication (MFA). Users currently relying on these legacy methods will be prompted to register for passkeys during sign-in. The retirement of SMS and voice authentication services will occur on February 1, 2027, to promote phishing-resistant alternatives. Organizations that do not transition risk disruptions for users dependent on phone-based verification. This shift aims to enhance security by utilizing public-key cryptography, which prevents credential theft. Microsoft is encouraging users to adopt more secure authentication practices ahead of the deadlines. The transition is part of a broader industry trend towards stronger authentication methods.

Key Points: • Microsoft Entra ID will default to passkeys for authentication starting September 1, 2026. • SMS and voice-based MFA will be retired on February 1, 2027, affecting users reliant on these methods. • Organizations must transition to avoid disruptions in user sign-in processes.

ThreatCluster AI

Timeline

2026-07-14
Microsoft announces transition to passkeys
Starting September 1, 2026, passkeys will be the default authentication method for Entra ID users.
Feeds.4Sysops
2026-07-14
Retirement of SMS and voice MFA announced
Microsoft will retire SMS and voice authentication services on February 1, 2027, to promote secure alternatives.
Feeds.4Sysops

Community

Browse all →