Microsoft will make passkeys the default authentication method for Entra ID starting in September 2026, automatically moving users who rely on SMS or voice authentication to passkeys. SMS and voice sign-in will be retired on February 1, 2027, as Microsoft urges organizations to adopt phishing-resistant methods to reduce credential theft and account takeovers. #Microsoft #EntraID #Passkeys #ShinyHunters
Keypoints
- Passkeys will become the default for Microsoft Entra ID in September 2026.
- Users using SMS or voice authentication will be prompted to register a passkey.
- Microsoft will retire SMS and voice authentication on February 1, 2027.
- Existing phishing-resistant methods like Windows Hello and FIDO2 keys will continue to work.
- Microsoft recommends phishing-resistant authentication to defend against credential theft and attacks.