Remove SMS/Voice Authentication

Summary

Provides instructions for removing SMS and voice authentication to transition to a more secure, app-based authentication.

Body

This documentation provides instructions for removing SMS and Voice Call authentication methods on your account via the Microsoft My Sign-Ins portal (go/mfasetup).

Relying on telephony (SMS and Voice) is increasingly discouraged due to vulnerabilities like SIM swapping. Transitioning to phishing-resistant methods like FIDO2 security keys (e.g., YubiKey and Microsoft Passkey) significantly hardens your security posture.

1. Understanding Verification Redundancy

Microsoft Entra ID typically requires a minimum of two active authentication methods.

If you attempt to remove a phone number without having a secondary backup method in place, the system will generate recurring "Keep your account secure" prompts during the sign-in process. To suppress these prompts, you must ensure a valid secondary method—such as a Email or Security Questions—is registered before removing your phone number. *Note that both Email and Security Questions cannot be used to authenticate during sign-in. They can only be used for Self-Service Password Reset. 

 

2. Configuration Steps

Follow these steps to update your security profile at mysignins.microsoft.com/security-info (go/mfasetup).

Step 1: Establish a Secondary Authentication Method

  1. Select + Add sign-in method.

  2. If "Email" is available: Select it and enter a non-Middlebury email address. Follow the prompts to verify the address via the sent code.

  3. If "Email" is unavailable: Select Security questions. Complete the required fields with memorable, secure answers and select Done.

    • Note: Registering these alternatives satisfies the system's redundancy requirement, allowing for the removal of telephony methods.

 

Step 2: Update the Default Sign-in Method

You cannot delete a method that is currently set as your primary sign-in option. If SMS/Voice is set as your primary authentication option, it must be changed.

  1. Locate the Default sign-in method heading at the top of the page.

  2. Select Change.

  3. Set the default to Microsoft Authenticator or Passkey.

  4. Select Confirm.

 

Step 3: Remove Phone and Voice Methods

  1. Locate the entries for PhoneAlternate Phone, or Office Phone in the list of registered methods.

  2. Select Delete for each telephony-based entry.

  3. Confirm the deletion when prompted.

Details

Details

Article ID: 879
Created
Wed 3/11/26 1:36 PM
Modified
Wed 3/11/26 1:38 PM