Authentication Method - Voice call - State
Why This Matters
Voice call authentication lacks number matching capabilities that are available in modern authentication methods such as the Microsoft Authenticator app, making it more susceptible to social engineering attacks. When voice calls are enabled as an authentication method, attackers can potentially intercept or redirect calls to gain unauthorized access. Disabling voice calls reduces your attack surface and aligns with modern passwordless authentication best practices.
What Aether365 Checks
Aether365 verifies that the voice call authentication method is set to disabled in your Microsoft Entra ID tenant. This check appears on the Aether365 dashboard under the entra-id security checks section.