[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSI5XdJrUlmnbMqNDdhQ7NDtUrXp5COAQ-MPAi4ZLL04":3},{"article":4,"iocs":55},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":34,"category":35,"article_tags":39},"520b2c73-cc86-400a-b41d-57dc66818771","Microsoft Entra ID gets passkeys default authentication starting September","microsoft-entra-id-gets-passkeys-default-authentication-starting-september-bd81cb","Microsoft has announced that passkeys will become the default authentication method for the Entra ID enterprise identity service starting September 2026. [...]","Microsoft announced that passkeys will become the default authentication method for Entra ID starting September 2026, with SMS and voice authentication being automatically retired in February 2027. Users already using passkeys, Windows Hello for Business, FIDO2 security keys, or other phishing-resistant methods can continue unchanged. Organizations must transition all users to phishing-resistant authentication methods to avoid sign-in disruptions, as threat actors have actively targeted Entra ID SSO accounts and phishing campaigns now achieve 54% click-through rates.","Microsoft makes passkeys default authentication for Entra ID starting September 2026, retiring SMS\u002Fvoice in February","Microsoft Entra ID gets passkeys default authentication starting September By Sergiu Gatlan July 14, 2026 08:49 AM 0 Microsoft has announced that passkeys will become the default authentication method for the Entra ID enterprise identity service starting September 2026. Passkeys will be enabled automatically for Entra ID users now using phone-based SMS and voice authentication, which will be retired in February 2027 across all tenants. However, users who are already signing into their accounts with passkeys, Windows Hello for Business, FIDO2 security keys, smart cards, or any other phishing-resistant method will be able to continue using those methods. \"As the rollout reaches each organization, users enabled for SMS or voice authentication will automatically be enabled for passkeys, and the next time they perform multifactor authentication, they'll be prompted to register a passkey,\" Microsoft said. \"Following this transition, on February 1, 2027, Microsoft will retire Microsoft-provided telecom delivery for SMS and voice authentication and will no longer offer SMS and voice as a native Microsoft Entra capability.\" Before this date, organizations are advised to ensure that all users are using a phishing-resistant method to avoid sign-in disruptions, as they will no longer be able to use SMS or voice to complete multifactor authentication and sign in to their accounts. Timeline for SMS\u002Fvoice authentication retirement (Microsoft) Admins with the global reader, Authentication policy administrator, or Security reader roles enabled can find SMS or voice auth users by running the Entra SMS\u002FVoice Policy Scanner PowerShell script. Organizations that are still required to use phone-based authentication will need to configure third-party telecom providers through the Microsoft Security Store. Microsoft provides step-by-step guidance on deploying and managing Entra ID phishing-resistant passwordless authentication on this dedicated documentation page. Users are advised to move away from telephony-based authentication methods to block identity attacks and improve account security, as threat actors (including the ShinyHunters extortion gang) have heavily targeted Microsoft Entra single sign-on (SSO) accounts in a recent wave of SaaS data-theft attacks using stolen credentials. \"Microsoft Threat Intelligence has observed AI-enabled phishing campaigns reaching click-through rates as high as 54%, compared with roughly 12% for more traditional campaigns, making stolen passwords and phishable second factors an urgent risk,\" Microsoft added. \"By making passkeys the default authentication experience, organizations reduce reliance on phishable authentication methods and strengthen protection against credential theft and phishing.\" Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection. Get the whitepaper Related Articles: Microsoft starts testing cleaner Windows Search without adsBreach at the Beach: Play the Ultimate Entra ID CTFMicrosoft to retire the OWA Light client in Exchange ServerMicrosoft patches RoguePlanet Defender zero-day vulnerabilityMicrosoft to enable Windows settings backup by default for orgs","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fmicrosoft\u002Fmicrosoft-entra-id-gets-passkeys-default-authentication-starting-september\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F03\u002F12\u002FHacking_login.jpg","2026-07-14T12:49:56+00:00","2026-07-14T14:00:18.052408+00:00",8,[18,21,23,26,28,31],{"name":19,"type":20},"Microsoft Entra ID","product",{"name":22,"type":20},"Windows Hello for Business",{"name":24,"type":25},"FIDO2","technology",{"name":27,"type":25},"Passkeys",{"name":29,"type":30},"Microsoft","vendor",{"name":32,"type":33},"ShinyHunters","threat_actor","2c8f44d4-b56e-47cf-9677-04f22c9ee78d",{"id":34,"icon":36,"name":37,"slug":38},null,"Identity & Access","identity-access",[40,45,50],{"category":41},{"id":42,"icon":36,"name":43,"slug":44},"02371804-cf6d-4449-98de-f1a2d4d9b266","Tools","tools",{"category":46},{"id":47,"icon":36,"name":48,"slug":49},"53f9c4b6-8bc6-4964-9169-d09e5cd41d72","Compliance","compliance",{"category":51},{"id":52,"icon":36,"name":53,"slug":54},"c5c77cdb-f7d7-4990-9436-c81dcbff1163","Policy","policy",[]]