Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

How to Set Up SMS-Based Authentication for Microsoft 365 and Azure Active Directory Users

In a recent post on Petri, I explained how to set up passwordless sign-in using the Microsoft Authenticator app for Microsoft 365 and Azure Active Directory (recently renamed Microsoft Entra ID) users. When passwordless sign-in is enabled in Azure AD, instead of entering a password, users can confirm their identity using the Microsoft Authenticator app, a FIDO2 security key, or by SMS message.

In this article, I will show you how to configure passwordless sign-in by SMS. It’s worth remembering that SMS-based authentication is currently in preview and that it shouldn’t be used in production environments until it reaches general availability. There are also some limitations during preview:

SMS-based authentication isn’t compatible with Azure Multifactor Authentication.
SMS-based authentication isn’t compatible with native Office applications, with the exception of Microsoft Teams.
Microsoft doesn’t recommend SMS-based authentication for use with B2B accounts.
Federated users only authenticate in the cloud.

For additional information on passwordless sign-in, check out Understanding Windows 10 and Microsoft 365 Passwordless Sign-In on Petri.

Pre-requisites for SMS-based sign-in

Before a user can sign-in using SMS, they must be assigned one of the following licenses:

Azure AD Premium P1 or P2
Microsoft 365 (M365) F1 or F3
Enterprise Mobility + Security (EMS) E3 or E5 or Microsoft 365 (M365) E3 or E5

Set up SMS-based sign-in for Azure AD and Microsoft 365 users

The first step you need to perform is to enable SMS-based sign-in for users in your Azure AD tenant.

Log in to Azure AD here using a global administrator account.
Click Azure Active Directory under Favorites on the left of the portal window.
In the Azure AD pane, scroll down the list of options on the left, and click Security under Manage.

Image #1 Expand

Figure1 2 — How to Set Up SMS-Based Authentication for Microsoft 365 and Azure Active Directory Users (Image Credit: Russell Smith)

In the Security pane, click Authentication methods below Manage in the list of options on the left.
Click Text message in the list of methods.
In the Settings pane at the bottom of the portal window, set ENABLE to Yes and TARGET to All users.

Alternatively, you can set TARGET to Select users and enable passwordless sign-in for a group instead of all users in the directory.

Once you’re done, click Save.

Registering and enabling a phone number for sign-in

Users must register at least one phone number as an authentication method before they can use SMS-based sign-in. If users already have a phone number registered for use with multifactor authenticator, they won’t need to reregister the number to use it with SMS-based sign-in.

Image #2 Expand

Figure3 1 — How to Set Up SMS-Based Authentication for Microsoft 365 and Azure Active Directory Users (Image Credit: Russell Smith)

If users need to add a phone number as an authentication method, they can do it here on the My Sign-ins page. Users will need to click Security info in the list of options on the left, click + Add method on the Security info screen, and then follow the on-screen instructions. Users can also choose ‘Phone – text’ as the default sign-in method.

Enabling a phone number for sign-in

If a user already had a phone number registered before SMS sign-in was enabled for the tenant, they will need to click the prompt on the My Sign-ins page to enable the number for phone sign-in.

Image #3 Expand

Figure4 1 — How to Set Up SMS-Based Authentication for Microsoft 365 and Azure Active Directory Users (Image Credit: Russell Smith)

Alternatively, Azure AD admins can add and enable phone numbers for users in the Azure administration portal.

Perform a SMS-based sign-in

Finally, let’s sign in using an account that has a registered phone number enabled for sign-in. Note that if multifactor authentication is enabled for the account, the user will not be able to sign in by SMS because text message is not a supported first factor.

In a web browser window, log in to a Microsoft 365 app or service using a phone number that is registered and enabled for sign-in. Enter the phone number without the country code and then click Next.
If the number has been used before to sign in, you may not be required to enter the country code in the next dialog. Otherwise, in the Sign in dialog, select the country code from the dropdown menu and then click Next.

Image #4 Expand

Figure5 1 — How to Set Up SMS-Based Authentication for Microsoft 365 and Azure Active Directory Users (Image Credit: Russell Smith)

In the Enter code dialog, type the code that you should have received by SMS to the registered phone number, and click Sign in.

And that is it! You should now be signed in to Microsoft 365 or Azure AD.

by Russell Smith
Last Update: Jul 17, 2023
Oct 13, 2020

Editorial Director at Petri IT Knowledgebase. Russell has more than 20 years' experience working in IT. From small business to large government IT infrastructure projects. Russell started his writing career for Windows IT Pro magazine in the early...

How to Grant Full Mailbox Access to Users in Office 365 and Exchange Server

Aug 4, 2023
Aug 08, 2023
Microsoft and AI: What Is the Copilot Semantic Index and How Does It Work?

Feb 6, 2024
Mar 21, 2024
Nested Microsoft 365 Groups: What You Need to Know

Jul 12, 2023

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.