Identity Microsoft to phase out SMS authentication for account recovery May 20, 2026 Share By SC Staff (Adobe Stock) Tech Radar reports that Microsoft is phasing out SMS authentication and recovery methods for its accounts due to increasing fraud risks. The company is actively encouraging users to adopt more secure, passwordless authentication options. Microsoft has announced it will begin phasing out SMS-based authentication and account recovery, citing it as a leading source of fraud. While a specific timeline for the complete phase-out was not provided, the company emphasized its commitment to a passwordless future, promoting alternatives like passkeys and verified email. Passkeys utilize cryptographic keys stored on a user's device and the service, offering enhanced security against phishing and data breaches through methods like fingerprint or facial scans. However, concerns have been raised by researchers regarding potential browser-based vulnerabilities in passkey workflows. Despite these concerns, the move away from SMS, which has long been criticized by security experts for its susceptibility to SIM-swapping attacks and general insecurity for two-factor authentication, is seen as a positive step for account security. Source: Tech Radar SC Staff Related Identity The AiTM problem nobody’s architecture actually solves Alan LeFort May 20, 2026 Accountability becomes the big issue following a breach – does the team know who’s responsible for what? Identity Stolen UK data, including bank cards and IDs, is cheap on the dark web, NordVPN reports SC Staff May 18, 2026 Stolen UK payment card details are commonly available on dark web marketplaces for approximately $12, with comprehensive digital identity packs fetching around $40. Privacy Trump administration’s voter data collection efforts face legal challenges SC Staff May 14, 2026 The Department of Justice's Office of Legal Counsel issued a memo arguing that a provision in the 1960 Civil Rights Act, requiring election officials to retain voter records for 22 months, grants the Attorney General the authority to obtain copies of these records. Related Events Cybercast IAM for MSSPs: Real-World Deployments On-Demand Event Cybercast Privilege risk is in the lifecycle: A CISO discussion on modernizing identity control On-Demand Event Cybercast The industrialization of identity compromise On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Basic Authentication Biometrics Certificate-Based Authentication Challenge-Handshake Authentication Protocol (CHAP) Digest Authentication Digital Certificate Discretionary Access Control (DAC) You can skip this ad in 5 seconds