Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft Entra ID makes passkeys the default authentication method and retires SMS/voice MFA

Security Tool/Service
First reported
Last updated
Happening score
H score 26
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft Entra ID will make passkeys the default authentication method starting September 2026, reducing reliance on phishable second factors across enterprise accounts. SMS and voice authentication will be retired in February 2027, pushing tenants toward phishing-resistant sign-in methods. The shift raises the baseline for account security while forcing organizations still using phone-based MFA to migrate before disruption.

Related Happenings

Kali365 Microsoft 365 device-code phishing campaign

Campaign
H score46 First: 25.05.2026 15:45 Last: 25.05.2026 15:45 Sources 1

About this happening: A **Kali365** phishing campaign is targeting **Microsoft 365** environments worldwide with **device-code login lures**, putting accounts at risk of **token theft** and **MFA bypas...

EvilTokens Microsoft 365 consent phishing campaign

Campaign
H score39 First: 19.05.2026 14:30 Last: 19.05.2026 14:30 Sources 1

About this happening: The **EvilTokens** campaign rapidly compromised **more than 340 Microsoft 365 organizations** across **five countries**, showing how **OAuth grant abuse** can bypass **MFA** and c...

W3LL Microsoft 365 adversary-in-the-middle phishing campaign

Campaign
H score39 First: 13.04.2026 21:55 Last: 13.04.2026 21:55 Sources 1

About this happening: The **W3LL** phishing operation turned into a high-volume **Microsoft 365** credential-theft campaign, exposing **more than 17,000 victims worldwide** to **BEC** risk. The kit use...

Microsoft AiTM payroll pirate attack mitigation

Advisory/Mitigation
H score34 First: 10.04.2026 14:56 Last: 10.04.2026 14:56 Sources 1

About this happening: **Microsoft** is urging defenders to harden **Microsoft 365** and related **HR workflows** against **AiTM**-driven payroll theft by requiring **phishing-resistant MFA**, blocking...

Storm-2755 payroll pirate campaign targeting Canadian employees

Campaign
H score29 First: 10.04.2026 14:56 Last: 10.04.2026 14:56 Sources 1

About this happening: The **Storm-2755** campaign is stealing **Canadian employees' salary payments** by hijacking accounts through **Microsoft 365** phishing pages, creating immediate payroll-diversio...

Timeline

  1. 14.07.2026 15:49 2 articles · 1h ago

    Microsoft Entra ID will make passkeys the default sign-in method

    Initial Disclosure

    Microsoft announced that Entra ID will make passkeys the default authentication method starting September 2026, automatically enabling passkeys for users still using SMS or voice authentication and retiring Microsoft-provided SMS and voice authentication across all tenants on February 1, 2027. Users already signing in with passkeys, Windows Hello for Business, FIDO2 security keys, smart cards, or other phishing-resistant methods can continue using those methods, and organizations that still need phone-based authentication must move to third-party telecom providers through the Microsoft Security Store.

    Show sources