Microsoft will make passkeys Entra ID's default authentication, replacing vulnerable passwords, SMS, and voice auth gradually.
Towards the end of March earlier this year, Microsoft announced a major change to Entra ID authentication as it made Self-Service Password Reset (SSPR) much more robust in order to improve security. Fast forward three months, and the company has made another major announcement as it has confirmed that passkeys are set to become the default authentication method very soon.
For those who may not have been following, passkey support has been making its way to Entra slowly but surely, as the company has also been hyping it over traditional passwords, highlighting the many benefits. One of those, the tech giant says, is against the various dangers in this AI era. Microsoft has already cautioned about such new threats while sharing its new Windows 11 updates strategy recently.
According to Microsoft, the growing sophistication of phishing attacks, credential theft, and AI-powered social engineering campaigns has made password-based authentication increasingly vulnerable. Passkeys, instead, rely on public-key cryptography and biometric or PIN-based verification stored on a trusted device, making them resistant to common attack techniques that target passwords or one-time codes.
As a result, Microsoft has confirmed that beginning September 1, 2026, passkeys will become the default authentication experience in Microsoft Entra ID. The rollout will happen gradually across organizations, with eligible users automatically prompted to enroll a passkey the next time they complete a multifactor authentication (MFA) challenge. Users who currently rely on SMS or voice-based authentication will be enrolled onto the new experience automatically without administrators having to manually configure individual accounts.
In case SMS or voice auth is a necessity to keep, Microsoft will share more information on supported providers, deployment guidance, and technical documentation with pricing details later, on September 18, 2026.
The company notes that this does not mean passwords will disappear overnight as you will have until next year to make the full transition. The final retirement of SMS or voice authentication capabilities in Entra ID will go away on February 1, 2027. You may find more details on the topic here on Microsoft's official website.
Hope you enjoyed this news post. Feedback welcome.
Posted Tuesday 14 July 2026 at 12:05 pm AEST (my time).
News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of June) 2,475
- scarabou
-
1
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.