Microsoft Is Eliminating SMS Codes for Two-Factor Authentication
If you have a Microsoft account that uses SMS for two-factor authentication, you may soon have to choose a more secure method for logging in. As reported by Windows Latest , the company is ditching text-based authentication codes for personal accounts, stating that these are "now a leading source of fraud." Users will be prompted to set up a passkey instead. Microsoft is trying to eliminate passwords Microsoft has already started moving toward a password-less environment—last year, the company made passkeys the default on new accounts at setup. Now, it is phasing out SMS codes for 2FA and account recovery in favor of passkeys, authenticator apps, and verified backup email addresses. SMS codes are quick to set up and convenient to use. However, they are also among the least secure forms of multi-factor authentication (MFA), as they are highly susceptible to phishing and SIM swapping attacks. Authenticator apps (which generate temporary codes that change every 30 seconds) may...
