Feeds.4Sysops
Microsoft Transitions to Passkeys, Phasing Out SMS and Voice Authentication by 2027
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Microsoft has announced that starting September 1, 2026, passkeys will become the default authentication method for Entra ID, replacing SMS and voice-based multifactor authentication. This change is aimed at enhancing security against phishing attacks, particularly as AI-assisted phishing campaigns have seen click-through rates as high as 54%. Users currently relying on SMS or voice authentication will be automatically transitioned to passkeys, which utilize public-key cryptography and are considered more secure. Microsoft will retire its native SMS and voice authentication services on February 1, 2027, requiring organizations to use third-party providers if they still need these methods. The company is encouraging organizations to prepare for this transition by identifying users who depend on SMS or voice authentication and developing plans to migrate them to passkeys. This move is part of a broader industry trend towards passwordless authentication to mitigate credential theft risks.
Key Points: • Microsoft will make passkeys the default sign-in method for Entra ID starting September 1, 2026. • SMS and voice-based authentication will be retired on February 1, 2027, requiring third-party services. • AI-assisted phishing campaigns have prompted this shift, with click-through rates reaching 54%.