Microsoft Is Phasing Out SMS 2FA Codes For Personal Accounts
Microsoft will replace SMS codes with passkeys, authenticator apps and backup email as it moves personal accounts toward passwordless sign-in.
8 Articles
8 Articles
ghacks.net
IT Security News - cybersecurity, infosecurity newsMicrosoft Phasing Out SMS Authentication Codes for Personal Accounts in Favor of Passkeys
Microsoft has announced that it will discontinue SMS-based authentication and account recovery for personal Microsoft accounts. The company updated its support documentation to reflect this change, having previously hinted at the move earlier this year. Going forward, SMS codes will be replaced with passkeys, passwordless accounts, and verified secondary email addresses.While Microsoft has not set a specific date for the transition, it is introd…
The days of multi-factor authentication SMS alerts are numbered
Attackers used social engineering, MFA prompts, Azure tools, Graph API, Key Vault, and VMAccess to infiltrate accounts, persist access, exfiltrate data. In the recent Storm-2949 campaign, attackers had focused on Microsoft 365 and Azure environments, and had used social engineering to pose as internal IT support. Victims were tricked into approving multi-factor authentication prompts (MFA), during what seemed like routine password reset activity…
Microsoft is getting rid of SMS two-factor codes
Microsoft: Microsoft believes that the future of authentication is passwordless, secure, and user-friendly. SMS-based authentication is now a leading source of fraud, and by moving to passwordless accounts, passkeys, and verified email, we’re helping you stay ahead of evolving threats while making account access simpler and more seamless. Good. Hopefully this is a trend that more and more companies get onboard with, along with passkey adoption.…
Coverage Details
Bias Distribution
- 67% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
