extremetech.com › internet Microsoft Ditches SMS-Based 2FA Because It's Too Easy to Hack … On the other hand, Passkeys and app-based authentication rely on cryptographic keys and device-bound credentials, which make phishing and credential theft harder. … May 20, 2026 · Devesh Beri