Microsoft says cu l8r to text message security
Microsoft has announced the discontinuation of SMS as a method of authentication for personal accounts. The company cites vulnerabilities such as phishing and SIM-swap attacks as reasons for this change. Instead, Microsoft will promote passwordless accounts and passkeys as the future of secure authentication.
- ▪Microsoft confirmed that SMS authentication is being phased out due to security concerns.
- ▪The company has been advocating for passwordless accounts and passkeys for over a year.
- ▪The UK's National Cyber Security Centre endorsed passkeys as a standard in April 2026.
Opening excerpt (first ~120 words) tap to expand
(function() { let windowUrl = window.location.href; windowUrl = windowUrl.substring(windowUrl.indexOf('?') + 1); let messageElement = document.querySelector('.shareableMessage'); if (windowUrl && windowUrl.includes('code') && windowUrl.includes('expires')) { messageElement.style.display = 'block'; } })(); On-Prem Microsoft says cu l8r to text message security Old, busted, insecure authentication to be replaced with something shinier and safer Richard Speed Richard Speed Published wed 20 May 2026 // 13:33 UTC Microsoft has confirmed that SMS is on the way out as a method of authentication and recovery for personal Microsoft accounts.Fraud and dubious security were cited as reasons for the move: "SMS authentication is vulnerable to phishing and SIM-swap attacks." Passwordless accounts,…
Excerpt limited to ~120 words for fair-use compliance. The full article is at www.theregister.com - Articles.
Discussion
0 commentsMore from www.theregister.com - Articles
