Microsoft is retiring the email passcode system long used to grant temporary access to shared files in SharePoint Online and OneDrive for Business. The company plans to replace it with Microsoft Entra B2B guest accounts, shifting external collaboration toward a fully identity-based model across Microsoft 365.
The change affects both commercial and government cloud environments. Beginning in May 2026, new external sharing invitations will start using Entra B2B instead of the existing one-time passcode system. The transition will accelerate through the summer, with the older authentication method beginning its shutdown in July and disappearing completely by the end of August 2026. [Read more…]
Microsoft is expanding passwordless security across Windows by introducing passkey authentication through Microsoft Entra. The new capability allows users to sign in to Entra-protected resources using Windows Hello instead of traditional passwords, adding stronger resistance against phishing attacks and credential theft.
For decades, modern encryption has rested on a simple assumption. Some math problems take so long to solve that no practical computer can crack them in a useful timeframe. That assumption built online banking, secure email, VPN tunnels, software signing, and almost every digital transaction that powers business and government today.
A new attack called Pixnapping can steal sensitive data from Android devices, without needing a single permission. The exploit targets visual data on-screen, including two-factor authentication codes, private messages, and location histories. It works by quietly measuring how long it takes to render specific pixels. If that sounds like science fiction, it’s not. Researchers have already tested it on Pixel and Samsung devices with unsettling results. 