Exciting News! MFA Authentication has now been added to WhatsApp. It is essential to know MS is now sending MFA codes via WhatsApp. Microsoft has made a change in how they send MFA codes. Instead of just using SMS, they now also send codes through WhatsApp.
This means you might get your MFA code in WhatsApp if you have it. But don’t worry if you don’t or are not connected to the internet. Microsoft will still send it through SMS as a backup. So, now you have more options to get your MFA codes and keep your accounts secure.
Before, Microsoft Entra ID sent one-time passcodes (OTPs) through text messages. People could find these messages on their Android or iOS phones in their regular messaging app. They would then type in the OTP on the sign-in page for verification.
Microsoft Entra ID users will now get their Multifactor Authentication codes through WhatsApp. This is a change from the usual text messages, making the process more secure.
- Quick Guide to Enforce Multifactor Authentication MFA for Users
- Easiest Method to Enable MFA for Admins using Azure AD Conditional Access
- New Microsoft Entra Portal Walkthrough
What is the New Update regarding Microsoft Entra ID’s Multifactor Authentication?
Microsoft Entra ID will now deliver multifactor authentication (MFA) text messages through WhatsApp.
How did Microsoft Entra ID Previously Handle Multifactor Authentication?
Previously, Microsoft Entra ID used text messages to send one-time passcodes (OTPs). Users accessed these messages in their default messaging app on their Android and iOS devices.
Who will Receive MFA Text Messages through WhatsApp?
Only users who can receive MFA text messages and already have WhatsApp on their phones will have this experience.
MFA Authentication now Moved to WhatsApp
Microsoft advises users to avoid using text messages or voice calls for multifactor authentication. Instead, they recommend using modern methods like Microsoft Authenticator. While mobile or office phones can still be used as a secondary form of authentication, they encourage the adoption of more secure options.
- This window displays the verification code and a message emphasizing the importance of not sharing the code for your security.
Authentication Methods in Microsoft Azure
Users of Microsoft Entra for multifactor authentication or self-service password reset (SSPR) can receive a verification code via text message or phone call.
If users prefer to keep their mobile number private in the directory while still using it for password reset, administrators should avoid adding the phone number to the directory. Instead, users should input their Authentication Phone in the My Sign-Ins section. While administrators can view this information in the user’s profile, it is not publicly accessible elsewhere.
Enabling SMS-Based Authentication in Microsoft Entra ID
Before users can utilize SMS-based authentication, their phone number must be linked to their user profile within Microsoft Entra ID. The user can accomplish this through the “My Account” section or by an administrator using the Microsoft Entra admin center.
Global admins, authentication admins, or privileged authentication admins can set these phone numbers.
- Go to Microsoft Entra ID
- In the left-hand navigation menu within the Microsoft Entra window, click on Users.
- Within the user’s profile, select Authentication methods.
- Click on “+ Add authentication method,” and from the dropdown menu labelled “Choose a method,” pick “Phone number.”
- Enter the user’s phone number, including the country code, such as +1 xxxxxxxxx.
- The Microsoft Entra admin center validates the phone number is in the correct format.
- Lastly, from the “Phone type” dropdown menu, choose the appropriate option, such as “Mobile,” “Alternate mobile,” or “Other,” based on the user’s needs
Microsoft does not currently offer administrative controls to switch back to standard SMS if you prefer not to use RCS or WhatsApp for MFA OTPs. The approved approach to restrict this feature is deactivating SMS as an MFA option.
If testing RCS and WhatsApp for MFA, consider switching to more robust security options like FIDO2 or authenticator apps to enhance your safety. These newer methods provide a glimpse into the future and can help address security worries.
Note! – If you want to switch back to using SMS instead of WhatsApp for MFA, consider blocking Microsoft’s WhatsApp Business Agent at +1 (217) 302 1989.
Text Message Verification
To make sure it’s you signing in, Microsoft sends a unique code to your phone through a text message. You will type this code in to finish logging in. This message can come through regular text (SMS), an advanced RCS service, or WhatsApp.
If you use an Android phone, you can use RCS for extra security. It is like a supercharged text with better protection. When Microsoft sends you a code this way, you will notice it looks a bit different, with clear Microsoft signs to show it’s safe.
WhatsApp Verification for Specific Country Codes
Users from India, Indonesia, and New Zealand might receive their verification codes through WhatsApp if they have this app installed. These WhatsApp messages are similar to regular text messages (SMS), but they come with clear Microsoft branding and a verified checkmark.
- Please note that only users with WhatsApp will receive verification codes through this channel.
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here – HTMD WhatsApp.
About the Author – Vidya is a computer enthusiast. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She loves writing on Windows 11 and related technologies. She is also keen to find solutions and write about day-to-day tech problems.