Microsoft Moves Away from SMS 2FA: Embracing Passkeys for Enhanced Security
Time to Switch: How to Set Up Passkeys Before Microsoft Ditches SMS 2FA Logins
Image: Pcmag
Microsoft is phasing out SMS-based two-factor authentication for local account logins, citing security vulnerabilities. The company advocates for passkeys, which utilize biometric data or local security features for safer authentication. Users are encouraged to set up passkeys to enhance security while the transition away from SMS begins.
- 01Microsoft is discontinuing SMS-based two-factor authentication due to its vulnerability to fraud and exploitation.
- 02Passkeys are designed to enhance security by using biometric data or local passwords, making them nearly impossible to spoof.
- 03Users can set up passkeys by accessing their Microsoft account's Advanced Security Options and selecting their preferred authentication method.
- 04While passkeys are more secure, they may not always be convenient for users setting up new devices or temporary systems.
- 05Microsoft has not announced a specific timeline for fully phasing out SMS messages as a secondary authentication method.
Advertisement
In-Article Ad
Microsoft is shifting away from SMS-based two-factor authentication (2FA) for local account logins, citing security concerns. The company noted that SMS messages, which are sent in plaintext, are increasingly vulnerable to man-in-the-middle attacks and fraud. In an official statement, Microsoft emphasized its commitment to enhancing security standards by promoting the use of passkeys, which leverage biometric data or local passwords for authentication. Setting up a passkey involves signing into the Microsoft account's Advanced Security Options and selecting an authentication method such as face recognition, fingerprint, or a security key. Although passkeys offer improved security, they may present challenges in convenience, particularly for users configuring new devices or temporary setups. Microsoft has yet to provide a definitive timeline for the complete phase-out of SMS authentication, but users will soon be prompted to adopt passkeys to enhance their account security. This move is seen as a necessary step toward modernizing digital security practices.
Advertisement
In-Article Ad
The transition to passkeys will enhance security for users, reducing the risk of fraud associated with SMS-based authentication.
Advertisement
In-Article Ad
Reader Poll
Do you think Microsoft should fully eliminate SMS-based authentication?
Connecting to poll...
More about Microsoft
Windows 11 Users Face Update Block Due to Bug: Solutions Available
Pcworld • May 22, 2026
California Governor Gavin Newsom Issues Executive Order to Protect Workers from AI Job Displacement
Mashable • May 22, 2026
Delhi High Court Halts MCA Penalties on Microsoft and LinkedIn Executives
The Economic Times • May 21, 2026
Read the original article
Visit the source for the complete story.