The new Azure AD B2C phone sign-in experience – what does it mean for your organisation?

Last month Microsoft announced that passwordless, phone-based sign-in and sign-up are now available (in public preview) for Azure Active Directory (AAD) B2C apps with custom policies.

With phone authentication, your customers, staff and partners can register or authenticate for your applications with a one-time password (OTP) that is sent by SMS. They will not need to fill out a username and password. This improves the security of the application and offers a user-friendly alternative to the standard username-and-password authentication method. Phone authentication is important for facilitating passwordless authentication.  

What is passwordless authentication?

Passwordless authentication is a form of multi-factor authentication (MFA) that replaces passwords with two or more verification factors secured and encrypted on a user’s device, such as a fingerprint, facial recognition, a device pin, or a cryptographic key. The credentials never leave the device, eliminating the risk of phishing.

If your organisation needs support for improving the security of your digital identity setup, get in touch with a member of our technical team.

Originally posted on: