Share via

We can no longer use VOIP based phone numbers for MFA methods any longer, is this a new Microsoft policy blocking this?

Joseph Freni 5 Reputation points
2025-08-07T17:18:41.4433333+00:00

We can no longer use VOIP based phone numbers for MFA methods any longer, is this a new Microsoft policy blocking this?

We used to be able to use our VOIP based numbers that would ring on either our Yealink Teams phones or our Teams app, but we get an error message now when trying to set them up.

Microsoft Teams | Microsoft Teams for business | Sign up and Sign in | Sign in
0 comments

5 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Kristen-L 9,840 Reputation points Microsoft External Staff Moderator
    2025-08-07T18:05:13.0266667+00:00

    Hi @Joseph Freni,

    Thank you for reaching out to Microsoft Q&A forum and sharing your experience.   

    Microsoft has been phasing out support for VOIP-based phone numbers and strongly discouraging the use of SMS and voice calls for multi-factor authentication (MFA) due to security vulnerabilities:

    • SMS and voice calls are transmitted in cleartext, making them susceptible to interception.
    • SIM swapping attacks can redirect MFA codes to attackers.
    • Phishing tools can easily exploit SMS-based MFA.
    • Telephony fraud and regulatory issues also pose risks.

    Therefore, Microsoft recommends switching to:

    • Microsoft Authenticator app
    • FIDO2 security keys
    • Temporary Access Pass
    • Passkeys and passwordless sign-in.

    You can see more detail at: Planning for mandatory multifactor authentication for Azure and other admin portals.

    Here're suggestions you can try:

    1. Switch to App-Based MFA
      • Use Microsoft Authenticator or other supported apps
        • Ensure users register with mobile numbers or app-based methods
        1. Check Authentication Method Policies
          • Go to Microsoft Entra Admin Center
            • Navigate to Authentication Methods > Policies
              • Ensure VOIP numbers are not blocked by policy settings
    2. Use Teams Calling with MFA
      • If your Yealink Teams phones are part of a secure Teams environment, consider integrating Teams-based sign-in with passwordless options instead of relying on VOIP MFA.

    I hope this information is helpful. Please try the steps above and let me know the result. If you need further assistance, feel free to reach out, I'm always here and ready to support you!

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".     

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments
  2. Kristen-L 9,840 Reputation points Microsoft External Staff Moderator
    2026-01-16T15:34:14.1433333+00:00

    Hi @Bhawna Sharma,

    Thank you for your response.

    Currently, There’s no official Microsoft policy stating that VOIP numbers are no longer supported for MFA. Microsoft still documents SMS and voice calls as valid methods, though they recommend moving away from phone-based MFA toward stronger options like Microsoft Authenticator or passkeys.

    The issue you’re seeing is typically caused by telephony fraud protections in Microsoft Entra ID. These protections can flag certain numbers - including VOIP ranges - as high‑risk and may temporarily block or throttle SMS/voice delivery, resulting in errors like 399287. This is a risk-based block, not a deprecation of VOIP.

    In cases of error 399287, you can try to fix it by removing a “bad reputation” flag on the affected number or tenant. Once cleared, SMS/voice MFA works again.

    For your reference:

    I hope the information provided helps resolve your concern. Please feel free to reach out anytime if you need further assistance - I’m happy to help and truly hope this guidance proves useful.

    Warm regards.

     

    0 comments
  3. Bhawna Sharma 0 Reputation points
    2026-01-14T21:26:09.98+00:00

    @Kristen-L We are currently facing the same issue in our organization. We are unable to add the VOIP number as authentication. If we add it via entra & try to authenticate it gives the error code 399287, I dont see anything mentioned about VOIP phones in the official article, could you please share the MS document where it clearly says VOIP is not supported for MFA

    0 comments
  4. Kristen-L 9,840 Reputation points Microsoft External Staff Moderator
    2025-08-13T21:39:50.4533333+00:00

    Hi @Joseph Freni,

    I hope you are having a great day.

    I'm reaching out again to follow up on your issue and check if everything has been resolved. My goal is to ensure your experience remains smooth and hassle-free. If you're still encountering any problems or have run into new challenges, please let me know which steps you're currently stuck on and happy to provide further help whenever you need it. 

    If you have any further questions, feel free to tag me in your reply so I can assist you directly.

    Looking forward to your update.

    0 comments
  5. Kristen-L 9,840 Reputation points Microsoft External Staff Moderator
    2025-08-12T21:37:08.8633333+00:00

    Hi @Joseph Freni,

    Hope things are running smoothly on your end. Following up on the support thread we've been working on. I hope the steps I shared in my previous answer resolve the issue you were facing. If you are still facing the same issue or need assistance with anything else, kindly respond to this email, and I will be happy to help. We want to make sure everything is working as expected and that your experience remains uninterrupted. Thank you for your patience and understanding throughout the troubleshooting process.

    I look forward to hearing from you soon.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.