Share via

SMS/Email Authentication set as Default Provider

MelvinMACHADO-3120 25 Reputation points
2026-05-07T12:55:14.1833333+00:00

Hello,

Recently, I’ve noticed that my users are being forced to authenticate using SMS or email address at the pre-logon screen.

I have already attempted the following actions:

  • Blocked and Disabled the CLSID {C5D7540A-CD51-453B-B22B-05305BA03F07}
  • Set the default authentication method to {60b78e88-ead8-445c-9cfd-0b87f74ea6cd}
  • Disabled the use of Microsoft accounts

Unfortunately, none of these changes had any effect.

This behavior is causing a major issue, as after a reboot the SMS/email authentication method is set as the default provider at the pre-logon screen. While users technically have the option to switch to username and password authentication, most of them are not aware of it and therefore get stuck.

Could you please clarify what is enforcing this behavior and how we can disable it?

Thank you for your assistance.

[Moved from Windows for home | Windows 10 | Windows Hello, lock screen and sign-in]

Microsoft Security | Microsoft Entra | Microsoft Entra ID

Answer accepted by question author

Shubham Sharma 17,160 Reputation points Microsoft External Staff Moderator
2026-05-08T05:44:25.3433333+00:00

Hello MelvinMACHADO-3120

Thank you for reaching out to Microsoft Q&A.

This behavior is coming from a custom Windows Credential Provider that’s been installed on your machines (most likely the Azure MFA “Windows Logon” adapter or a similar SMS/Email OTP provider). Windows will always use the first credential provider in its enumeration order as the “default” logon UI, so even though you disabled the CLSID and tried forcing the Password provider, after a reboot the SMS/Email provider simply re-registers itself and jumps back to the top of the list.

Here’s how you can permanently disable or remove it:

  1. Uninstall the Windows Logon / Azure MFA adapter • On each machine (or via your software deployment tool), run the uninstall for the adapter you originally deployed (e.g. from “Programs and Features” or via the MFA Server installer’s Windows logon component). • Once uninstalled, the SMS/Email tile will disappear and Windows will fall back to your standard username/password provider.
  2. (Alternative) Registry-disable the provider
    • Open regedit and navigate to: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers{C5D7540A-CD51-453B-B22B-05305BA03F07}
    • On 64-bit Windows also check under: HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers{C5D7540A-CD51-453B-B22B-05305BA03F07}
    • In each location, create a DWORD value named “Disabled” and set it to 1.
    • Reboot. Windows will skip that provider entirely and your Password provider ({60B78E88-EAD8-445C-9CFD-0B87F74EA6CD}) will become the default.
  3. (Optional) Use a Credential Provider Filter If you need more granular control you can also install/configure the Microsoft-supplied “Credential Provider Filter” and explicitly exclude the SMS/Email GUID so it never shows up at logon. See the MFA Server docs under “Windows Logon adapter → Credential Provider Filter” for the filter GUID and sample exclusion list.

Hope that helps get you back to plain username/password by default!

If the answer is helpful, kindly upvote it. If you have extra questions about this answer, please click "Comment".

Was this answer helpful?

1 person found this answer helpful.
0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.