Microsoft announced plans to shift the standard authentication method for its Entra ID service to passkeys by July 13, 2026. This change aims to reduce reliance on SMS and voice authentication due to the increasing sophistication of AI-driven attacks, which have shown a significant rise in phishing effectiveness.
The transition is crucial as traditional SMS and voice methods are vulnerable to interception and manipulation, while passkeys utilize public key cryptography, enhancing phishing resistance and simplifying user authentication processes. Microsoft will cease its SMS and voice authentication services on February 1, 2027, compelling organizations to adapt their authentication strategies accordingly.
Organizations will begin implementing the new passkey system starting September 1, 2026, with automatic activation for existing SMS and voice users. As AI threats evolve, the adoption of more secure authentication methods is essential, and Microsoft encourages organizations to prepare for this transition without incurring additional costs.
Editor's Note
The shift to passkeys reflects a broader trend in cybersecurity, where organizations are increasingly prioritizing robust authentication methods to combat sophisticated AI-driven attacks. This transition may influence procurement strategies and technology adoption across various sectors, as companies seek to enhance their security postures against evolving threats.
Leave a comment