You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
authenticator
About this tag
The authenticator tag on WindowsForum covers discussions about Microsoft Authenticator, including its integration with Entra ID for passkey support via Windows Hello, security vulnerabilities like CVE-2026-26123 that could lead to information disclosure, and new integrity checks that block or remove Entra credentials on rooted or jailbroken devices. These threads explore enterprise passwordless sign-in, operational impacts for administrators, and mitigation strategies for affected users.
Microsoft’s latest Entra push brings native passkey support to Windows via Windows Hello, while a parallel hardening of Microsoft Authenticator means rooted and jailbroken phones could lose the ability to hold Entra credentials — automatically, and without opt‑out. This is a meaningful step...
Microsoft's March 10, 2026 security update includes a newly assigned CVE—CVE-2026-26123—that affects the Microsoft Authenticator mobile application and is classified as an information disclosure vulnerability. The problem is notable because the attack vector exploits how mobile platforms hand...
Microsoft has begun enforcing a strict new integrity check inside the Microsoft Authenticator mobile app that will prevent work and school Entra credentials from being used on devices the app detects as jailbroken (iOS) or rooted (Android). The change is automatic, phased, and uncompromising...