By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Fri, Jul 3
All Things Geek — Tech News, Reviews & Buying Guides
  • AI
  • Audio/Video
  • Computing
  • Gaming
  • Living
  • Mobile
  • Software
subscribe
All Things Geek — Tech News, Reviews & Buying GuidesAll Things Geek — Tech News, Reviews & Buying Guides
Font ResizerAa

Search

Subscribe

More from BuzzVibe

  • AI
  • Audio/Video
  • Computing
  • Gaming
  • Living
  • Mobile
  • Software

Latest Stories

Amazon sneaker sale slashes up to 50% off top running brands
Amazon sneaker sale slashes up to 50% off top running brands
AI memory chip shortage threatens automotive and medical sectors
AI memory chip shortage threatens automotive and medical sectors
Summer Game Fest 2026: Live updates on reveals and world premieres
Summer Game Fest 2026: Live updates on reveals and world premieres
Seagate FireCuda X Vault Review: Storage Beast for Creators
Seagate FireCuda X Vault Review: Storage Beast for Creators
Louis Vuitton sues casino over trademark infringement dispute
Louis Vuitton sues casino over trademark infringement dispute

Socials

Home > Gaming > Game News > Microsoft Ends SMS Sign-In as Passkeys Take Over
Game NewsGaming

Microsoft Ends SMS Sign-In as Passkeys Take Over

Kavitha Nair
By
Kavitha Nair
ByKavitha Nair
Tech writer at All Things Geek. Covers the business and industry of technology.
Last updated: 19/05/2026
Share
9 Min Read
Microsoft Ends SMS Sign-In as Passkeys Take Over
SHARE

Microsoft SMS sign-in phasing out marks a significant turning point in how millions of users will authenticate their accounts. The company is systematically moving away from SMS-based sign-in and multifactor authentication, replacing them with passwordless methods like passkeys and the Microsoft Authenticator app. This shift reflects a broader industry recognition that SMS codes, despite their ubiquity, are fundamentally weak from a security perspective.

Key Takeaways

  • Microsoft is ending SMS-based sign-in in favor of passkeys and passwordless authentication methods
  • SMS codes are vulnerable to SIM swap, interception, delivery delays, and phishing attacks
  • Microsoft Authenticator app and FIDO2 security keys are the recommended replacements
  • The transition affects both personal Microsoft accounts and enterprise Entra deployments
  • Frontline workers and organizations can still use SMS temporarily, but it is no longer recommended

Why Microsoft Is Killing SMS Codes

SMS-based authentication has a well-documented vulnerability problem. Messages can be intercepted, SIM cards can be swapped by attackers, and delivery times are unpredictable—all weaknesses that phishing campaigns actively exploit. Microsoft’s own documentation acknowledges these flaws and explicitly discourages SMS as a primary authentication method. The company has been pushing users away from SMS toward stronger alternatives for years, but this transition marks the formal end of SMS sign-in as a supported option.

The shift is not arbitrary. Passkeys and hardware security keys offer what SMS cannot: phishing resistance. A passkey is cryptographically bound to a specific service, making it impossible for attackers to trick users into authenticating to a fake login page. SMS codes, by contrast, are generic one-time passwords that work on any site claiming to be Microsoft. An attacker who intercepts an SMS code can use it immediately. That fundamental difference explains why Microsoft is making this change now.

What Users Need to Switch To

Microsoft is promoting three main alternatives: the Microsoft Authenticator app, passkeys, and FIDO2 security keys. The Authenticator app is the easiest transition for most users—it sends push notifications to your phone instead of relying on SMS, and it integrates smoothly with Windows and mobile devices. Passkeys are the long-term direction, storing authentication credentials locally on your device and syncing them across platforms via cloud backup. FIDO2 keys are the most secure option for users who want a dedicated hardware device.

Related News

Summer Game Fest 2026: Live updates on reveals and world premieres
Summer Game Fest 2026: Live updates on reveals and world premieres
05/06/2026
FIFA World Cup Launch Edition: Free on Netflix, No Console Needed
FIFA World Cup Launch Edition: Free on Netflix, No Console Needed
05/06/2026
Steam Machine launch confirmed for summer, but USD 1,200 price tag looms
Steam Machine launch confirmed for summer, but USD 1,200 price tag looms
05/06/2026

For enterprise customers, Microsoft Entra SMS-based sign-in was designed primarily for frontline workers and is not recommended for information workers. Organizations can still enable SMS temporarily through the Entra admin center, but Microsoft’s guidance is clear: this is a transitional method, not a permanent solution. The company has already started rolling out automated prompts during sign-in that encourage users to set up Microsoft Authenticator instead.

Who This Change Actually Affects

The transition creates real friction for certain groups. Users without smartphones, people in regions with unreliable cellular networks, and small business owners who rely on SMS as their primary verification method will need to adapt. Microsoft’s documentation indicates that SMS sign-in availability is organization-dependent and can be controlled by administrators, meaning some users may lose access to SMS sign-in on a schedule set by their IT department.

Related News

The nintendo switch 2 with a red screen.
Nintendo Switch 2 Proves Its Worth—But Nintendo Must Act Fast
05/06/2026
Xbox's 25 Years of Game-Changing Announcements
Xbox’s 25 Years of Game-Changing Announcements
05/06/2026
Nintendo Switch Prime Day deals start early—here's what's worth buying
Nintendo Switch Prime Day deals start early—here’s what’s worth buying
05/06/2026

The broader implication is that SMS authentication is becoming a legacy technology. As Microsoft, Google, Apple, and other major platforms move away from it, the entire ecosystem shifts. Users who have relied on SMS for years will need to learn new authentication habits. That adjustment period is inevitable, but it is worth the security gain—SMS interception, SIM swapping, and SIM cloning are real threats that passkeys and hardware keys eliminate entirely.

The Bigger Picture: Passwordless Is the Future

This change is part of a larger industry trend toward passwordless authentication. Microsoft has been vocal about its belief that the future of security is passwordless, user-friendly, and resistant to phishing. Passkeys achieve all three: users do not type passwords, they approve sign-in attempts on their device, and the cryptographic binding to each service prevents phishing attacks from working.

The transition will not happen overnight. Microsoft support documentation shows that SMS sign-in setup is still possible through the Entra admin center, meaning organizations and individual users will have a window to migrate. But the direction is unmistakable. Microsoft is betting that the inconvenience of switching authentication methods now is far smaller than the security risk of maintaining SMS sign-in indefinitely.

How to Set Up Microsoft Authenticator Instead

For users switching from SMS, the Microsoft Authenticator app is the quickest replacement. The setup process is straightforward: add the Microsoft Authenticator app to your phone, sign in with your Microsoft account, and enable push notifications. When you sign in from a new device, the app sends a notification to your phone asking you to approve or deny the attempt. You tap approve, and you are signed in—no codes to type, no SMS delays.

Related News

Outlook encryption bug exposed after two decades of silent fallback
05/06/2026
Valve Steam Machine and Steam Frame launch delayed to 2026
Valve Steam Machine and Steam Frame launch delayed to 2026
05/06/2026
Linux gaming on Steam loses momentum as Windows 11 surges
Linux gaming on Steam loses momentum as Windows 11 surges
05/06/2026

Passkeys offer a more seamless experience once set up but require a bit more initial configuration. You create a passkey through your Microsoft account settings, and it gets synced to your cloud backup. On subsequent sign-ins, Windows or your mobile device recognizes the passkey and authenticates automatically. For users with multiple devices, this is significantly faster than SMS codes.

Is This Change Mandatory?

Not immediately. Microsoft is phasing out SMS sign-in gradually, and the company has not announced a hard deadline for complete removal. However, the writing is on the wall. If you still rely on SMS codes for your Microsoft account, switching to Microsoft Authenticator or passkeys now will save you from being forced to migrate later under pressure. Organizations that still use SMS for authentication should plan their transition sooner rather than later.

What happens if I do not set up a passwordless method?

Microsoft will eventually require it. The company is already sending automated prompts to users during sign-in, encouraging them to enable Microsoft Authenticator. If you ignore these prompts, you may eventually lose access to SMS sign-in when Microsoft completes the phase-out. Setting up an alternative authentication method now prevents disruption later.

Can I still use SMS if my organization allows it?

Yes, for now. Microsoft Entra administrators can still enable SMS sign-in for their organization through the Entra admin center, and some organizations may maintain SMS as a fallback option for specific scenarios. However, Microsoft explicitly recommends against this for information workers and plans to deprecate SMS entirely. Relying on SMS as a long-term solution is not advisable.

Is passkey authentication really more secure than SMS?

Absolutely. Passkeys are cryptographically bound to the specific service you are signing into, which means they cannot be used on a phishing site even if an attacker tricks you into visiting a fake login page. SMS codes are generic and work on any site that requests them, making them vulnerable to phishing. Additionally, passkeys cannot be intercepted or stolen via SIM swap attacks, which are common ways attackers compromise SMS-based accounts.

Microsoft’s move away from SMS sign-in is overdue. SMS codes have been a security liability for years, and the company is finally taking decisive action to phase them out in favor of genuinely secure alternatives. For users, the message is clear: switch to Microsoft Authenticator or passkeys now, and you will avoid the chaos of being forced to migrate later. The future of authentication is passwordless, and Microsoft is pushing everyone toward it—whether they are ready or not.

Edited by the All Things Geek team.

Source: TechRadar

More in Game News

  • NYT Connections hints and answers for May 20 game #1074
  • Best hybrid office gaming chairs in Amazon’s Big Spring Sale
  • PlayStation Portal’s new 1080p mode changes streaming game
  • Cthulhu: The Cosmic Abyss excels at atmosphere but stumbles on fiddly mechanics
  • Project Helix’s real problem might be Windows K2
TAGGED:account securitymicrosoft authenticationpasskeyspasswordless securitysms phishing
Share This Article
Facebook Bluesky Copy Link Print
ByKavitha Nair
Tech writer at All Things Geek. Covers the business and industry of technology.
Previous Article Bang & Olufsen Reimagined in Monochrome Through Design Collaboration Bang & Olufsen Reimagined in Monochrome Through Design Collaboration
Next Article Philips Café Aromis Delivers Barista-Quality Oat Milk Lattes at Home Philips Café Aromis Delivers Barista-Quality Oat Milk Lattes at Home

What's Hot

Cyberpunk 2077 DLC Is Dead — What CD Projekt Red Does Next

Cyberpunk 2077 DLC Is Dead — What CD Projekt Red Does Next

Windows 11 High Refresh Rate Support Is the OS Unlock Gaming Needs

Windows 11 High Refresh Rate Support Is the OS Unlock Gaming Needs

Nothing Headphone (a) Promises Five Days of Battery at a Budget Price

Nothing Headphone (a) Promises Five Days of Battery at a Budget Price

Amazon Spring Deal Days 2026: Best Home and Garden Discounts

Amazon Spring Deal Days 2026: Best Home and Garden Discounts

Samsung Mobile Faces Loss Risk as Memory Costs Spiral — AI-generated illustration

Samsung Mobile Faces Loss Risk as Memory Costs Spiral

Categories

- Advertisement -
Ad image
All Things Geek — Tech News, Reviews & Buying Guides

All Things Geek

  • AI
  • Audio/Video
  • Computing
  • Gaming
  • Living
  • Mobile
  • Software

Subscribe Newsletter

Subscribe to our newsletter to get our newest articles instantly!
[mc4wp_form]