Jump to content
  • Microsoft Entra ID authentication getting major shakeup with default passkeys very soon

    Karlston

    • 132 views
    • 2 minutes
     Share


    • 132 views
    • 2 minutes

    Microsoft will make passkeys Entra ID's default authentication, replacing vulnerable passwords, SMS, and voice auth gradually.

    Towards the end of March earlier this year, Microsoft announced a major change to Entra ID authentication as it made Self-Service Password Reset (SSPR) much more robust in order to improve security. Fast forward three months, and the company has made another major announcement as it has confirmed that passkeys are set to become the default authentication method very soon.

     

    For those who may not have been following, passkey support has been making its way to Entra slowly but surely, as the company has also been hyping it over traditional passwords, highlighting the many benefits. One of those, the tech giant says, is against the various dangers in this AI era. Microsoft has already cautioned about such new threats while sharing its new Windows 11 updates strategy recently.

     

    According to Microsoft, the growing sophistication of phishing attacks, credential theft, and AI-powered social engineering campaigns has made password-based authentication increasingly vulnerable. Passkeys, instead, rely on public-key cryptography and biometric or PIN-based verification stored on a trusted device, making them resistant to common attack techniques that target passwords or one-time codes.

     

    As a result, Microsoft has confirmed that beginning September 1, 2026, passkeys will become the default authentication experience in Microsoft Entra ID. The rollout will happen gradually across organizations, with eligible users automatically prompted to enroll a passkey the next time they complete a multifactor authentication (MFA) challenge. Users who currently rely on SMS or voice-based authentication will be enrolled onto the new experience automatically without administrators having to manually configure individual accounts.

     

    In case SMS or voice auth is a necessity to keep, Microsoft will share more information on supported providers, deployment guidance, and technical documentation with pricing details later, on September 18, 2026.

     

    The company notes that this does not mean passwords will disappear overnight as you will have until next year to make the full transition. The final retirement of SMS or voice authentication capabilities in Entra ID will go away on February 1, 2027. You may find more details on the topic here on Microsoft's official website.

     

    Source


    Hope you enjoyed this news post. Feedback welcome.

    Posted Tuesday 14 July 2026 at 12:05 pm AEST (my time).

    News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of June) 2,475

    RIP Matrix


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...