Close Menu
geekfence.comgeekfence.com
    What's Hot

    Alberta regulated online gambling market launches

    July 14, 2026

    Prioritise AI outcomes over agent numbers, says Orange

    July 14, 2026

    Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID

    July 14, 2026
    Facebook X (Twitter) Instagram
    • About Us
    • Contact Us
    Facebook Instagram
    geekfence.comgeekfence.com
    • Home
    • UK Tech News
    • AI
    • Big Data
    • Cyber Security
      • Cloud Computing
      • iOS Development
    • IoT
    • Mobile
    • Software
      • Software Development
      • Software Engineering
    • Technology
      • Green Technology
      • Nanotechnology
    • Telecom
    geekfence.comgeekfence.com
    Home»Artificial Intelligence»Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID
    Artificial Intelligence

    Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID

    AdminBy AdminJuly 14, 2026No Comments6 Mins Read2 Views
    Facebook Twitter Pinterest LinkedIn Telegram Tumblr Email
    Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID
    Share
    Facebook Twitter LinkedIn Pinterest Email


    As identity attacks grow more sophisticated in the AI era, organizations need stronger authentication methods that protect users from phishing, credential theft, and social engineering. To address these evolving threats, Microsoft Entra ID is updating its authentication experience by making passkeys the default phishing-resistant authentication method, helping customers reduce reliance on phishable methods such as SMS and voice.

    Beginning September 1, 2026, Microsoft will begin rolling out passkeys as the default authentication experience in Microsoft Entra ID. As the rollout reaches each organization, users enabled for SMS or voice authentication will automatically be enabled for passkeys, and the next time they perform multifactor authentication, they’ll be prompted to register a passkey.

    Following this transition, on February 1, 2027, Microsoft will retire Microsoft-provided telecom delivery for SMS and voice authentication and will no longer offer SMS and voice as a native Microsoft Entra capability. Organizations that still require SMS or voice authentication methods will have the option to choose one of our telecom partners through the Microsoft Security Store. Customers will be responsible for any associated telecom-related costs charged by the telecom partners.

    We strongly recommend moving users to passkeys or another phishing-resistant authentication method as soon as possible.

    Why stronger authentication matters in the AI era

    Authentication methods that use SMS or voice rely on shared secrets or channels that attackers increasingly intercept, phish, or manipulate. Passkeys use public-key cryptography rather than shared secrets, making them phishing-resistant by design. They also provide a faster, simpler sign-in experience for users.

    The case for moving beyond SMS and voice is no longer just that attackers intercept or socially engineer these methods. The threat environment has changed in speed, scale, and sophistication. Microsoft Threat Intelligence has observed AI-enabled phishing campaigns reaching click-through rates as high as 54%, compared with roughly 12% for more traditional campaigns, making stolen passwords and phishable second factors an urgent risk.1 At the same time, tactics such as SIM swapping and multifactor authentication bypass have become more accessible and repeatable.

    An AI-powered cyberattack can use a compromised identity to automate discovery, privilege escalation, and lateral movement much faster than a human attacker working manually. This is why phishing-resistant authentication methods are so important.

    By making passkeys the default authentication experience, organizations reduce reliance on phishable authentication methods and strengthen protection against credential theft and phishing.

    Today, Microsoft provides the telecom delivery behind SMS and voice authentication natively within Entra ID. As part of this transition, we’ll step back from providing that native telecom delivery to encourage phishing-resistant methods as the standard for everyone.

    For most organizations, the recommended path is simple: move users to passkeys at no additional cost.  

    If you have a regulatory, technical, or business requirement to keep SMS or voice, you’ll be able to select, configure, and manage a third-party telecom provider through the Microsoft Security Store—a partner marketplace where you can contract directly with supported carriers. 

    On September 18, 2026, we’ll share information on supported providers, deployment guidance, and technical documentation with pricing and commercial terms available through the Microsoft Security Store.

    How to prepare

    Start planning your transition now so you can select the deployment approach that best fits your organization and ensure your users are prepared for upcoming changes to their sign-in experience.

    1. Identify users who still use SMS or voice. Review your authentication method policy and identify which users or groups are enabled for SMS or voice authentication.
    2. Plan your passkey rollout. Enable passkeys and select the types that best fit your users’ devices and workflows. Microsoft Entra ID supports:
      • Synced passkeys, such as passkeys stored in platform credential managers like iCloud Keychain and Google Password Manager.
      • Device-bound passkeys, such as Microsoft Authenticator passkeys, Entra passkey on Windows, and FIDO2 security keys.
    3. Use registration campaign to drive adoption. Microsoft Entra ID can help organizations move users at scale by prompting them to register a passkey during multifactor authentication sign-in.
    4. Prepare user communications. Tell affected users what’s changing, when they’ll see a passkey registration prompt, and how to complete registration on their device.

    For step-by-step guidance on planning, deploying, and managing passkeys, see our Microsoft Learn documentation and passkey deployment guide. 

    If regulated, technical, or operational scenarios still require SMS or voice:

    1. Identify and document affected user segments.
    2. Starting October 30, 2026, select and configure a supported telecom provider through the Microsoft Security Store.
    3. Test your configuration with a pilot group before any broad rollout.

    Timeline

    Date Milestone
    September 1, 2026  All users enabled for SMS or voice are auto-enabled and nudged for passkey registration upon multifactor authentication sign-in.

    Use the passkey deployment guide to prepare your environment for passkey use. Notify affected users about the upcoming change. Ensure every user has a phishing-resistant authentication method, such as a passkey, Entra passkeys on Windows, or a FIDO2 security key.

    September 18, 2026  Pricing, commercial terms, and a list of supported telecom providers will be shared.

    If you plan to continue using SMS or voice authentication, review the available provider options and identify affected users. 

    October 30, 2026  Admins may select and configure a supported telecom provider through the Microsoft Security Store. 
    February 1, 2027  Microsoft-provided SMS and voice authentication ends.  

    If SMS or voice remains necessary for specific users, configure a supported telecom provider before this date. 

    After February 1, 2027  Users who use SMS or voice for multifactor authentication will be required to register a passkey before they can sign in. Automatic prompts to register a passkey will be enforced for all users in all tenants. There will be no opt-out option.

    Note: The dates outlined in this post apply to Microsoft Entra ID in the public cloud only. Support for other cloud environments will follow on a separate timeline, with additional guidance and dates to be announced in advance.

    SMS and voice have served their purpose well, bringing multifactor authentication to billions of users who otherwise would have had none. But the threat environment has evolved beyond their capabilities, and we need to evolve with it.

    We’re making passkeys the default in Entra ID because they work better for users and worse for cyberattackers. We’re trying to make this transition as predictable as possible with clear dates, fallback options during migration, and recovery that doesn’t depend on phishable credentials anymore.

    Learn more at aka.ms/passkeybydefault 

    To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.


    1Microsoft Digital Defense Report 2025.





    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    New method aims to keep kids safe from illegal AI-generated content | MIT News

    July 13, 2026

    Choosing the Right AI Agent Memory Strategy: A Decision-Tree Approach

    July 12, 2026

    Quantum mechanics once baffled scientists. Now it’s changing the world

    July 11, 2026

    Your agents are using your credentials, and that is the problem

    July 10, 2026

    Posit AI Blog: Introducing the text package

    July 9, 2026

    The Download: worms fight pollution, and geoengineering faces reality

    July 8, 2026
    Top Posts

    Understanding U-Net Architecture in Deep Learning

    November 25, 202560 Views

    Hard-braking events as indicators of road segment crash risk

    January 14, 202631 Views

    Redefining AI efficiency with extreme compression

    March 25, 202629 Views
    Don't Miss

    Alberta regulated online gambling market launches

    July 14, 2026

    Alberta officially opened its regulated online gambling market on Monday (July 13), creating one of…

    Prioritise AI outcomes over agent numbers, says Orange

    July 14, 2026

    Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID

    July 14, 2026

    Tips For Writing Linux Device Drivers For Big Data Environments

    July 14, 2026
    Stay In Touch
    • Facebook
    • Instagram
    About Us

    At GeekFence, we are a team of tech-enthusiasts, industry watchers and content creators who believe that technology isn’t just about gadgets—it’s about how innovation transforms our lives, work and society. We’ve come together to build a place where readers, thinkers and industry insiders can converge to explore what’s next in tech.

    Our Picks

    Alberta regulated online gambling market launches

    July 14, 2026

    Prioritise AI outcomes over agent numbers, says Orange

    July 14, 2026

    Subscribe to Updates

    Please enable JavaScript in your browser to complete this form.
    Loading
    • About Us
    • Contact Us
    • Disclaimer
    • Privacy Policy
    • Terms and Conditions
    © 2026 Geekfence.All Rigt Reserved.

    Type above and press Enter to search. Press Esc to cancel.