Your Phone Changed, But Your Security Shouldn’t Break
You got a new phone number. It’s exciting—a fresh start, maybe a new carrier with better coverage. You’ve updated your contact info with friends, family, and your bank. But then you try to log into your work email or a critical cloud service, and you hit a wall. Microsoft Authentator is still sending codes to a number you no longer control.
This moment of frustration is more common than you think. The Microsoft Authenticator app is a cornerstone of modern digital security, acting as a gatekeeper for your Microsoft account, Azure resources, and countless other third-party services. When the phone number linked to it becomes obsolete, you’re not just locked out of an app; you’re potentially locked out of your professional and digital life.
This guide provides the clear, actionable steps to update your phone number in Microsoft Authenticator, ensuring your security remains intact through the transition. We’ll cover the official methods, crucial prerequisites, and what to do if you’re already locked out.
Understanding the Link Between Your Number and Authenticator
Before diving into the steps, it’s important to clarify what we’re actually changing. The Microsoft Authenticator app itself does not store your phone number as a primary credential. Instead, your phone number is registered to your Microsoft account as a verification method.
The Authenticator app generates time-based one-time passwords (TOTP) or approves push notifications based on a secure seed that is linked to your account. Your phone number is a separate, backup verification method. When you change the number on your Microsoft account, you are ensuring that if you ever need to recover your account or verify your identity via SMS, the code goes to the right place.
Therefore, the process of “changing your phone number in Microsoft Authenticator” is really a two-part operation: updating the number on your Microsoft account, and then ensuring the Authenticator app on your new device (if you have one) is properly set up.
Prerequisites You Must Have Before Starting
Do not begin this process unless you have the following. Trying to change your security details without them is the fastest way to get permanently locked out.
– Access to your current, registered phone number (if it’s still active) to receive a verification code.
– Access to the email address that is the primary alias for your Microsoft account.
– An alternative, already-verified security method. This could be:
– The Microsoft Authenticator app already working on an old phone.
– A backup email address you can access.
– A set of printed recovery codes you saved previously.
– Your new phone number ready to receive an SMS or call.
If your old number is completely dead and you have no other recovery methods, the process becomes a manual account recovery request, which can take days and is not guaranteed. Always set up multiple recovery methods.
Step-by-Step: Changing Your Phone Number via Microsoft Account Security
This is the primary and recommended method. You will update the number at the source—your Microsoft account security settings.
Sign In to Your Microsoft Account Security Page
On a computer or a device you trust, navigate to the Microsoft account security page. You can search for “Microsoft account security” or go directly to account.microsoft.com/security.
Sign in with your email address and current password. If you have two-step verification enabled (which you should), you will need to approve the sign-in using your existing Microsoft Authenticator app or another method. This is why having your old device still functional is ideal.
Navigate to Your Security Info
Once signed in, look for a section titled “Security info” or “Advanced security options.” Click on “Update info” or “Manage security info.” This page lists all the methods you can use to verify your identity: Authenticator app, phone numbers, email addresses, and security keys.
Find the entry for your phone number. It will likely be listed as “Phone” or “Mobile number.” Select the option to “Change” or “Update” this number.
Verify Your Identity (The Critical Step)
Microsoft will not let you change security information without proving you are the account owner. You will be prompted to verify your identity using one of your other methods.
– If you still have the old phone number and it can receive SMS, you can choose that option.
– The best option is to use the “Microsoft Authenticator app” notification. Tap “Approve” on the prompt that appears on your old phone.
– You can also use a verification code sent to your backup email address.
Complete this verification to proceed to the next screen.
Add and Verify Your New Phone Number
You will now see a form to enter your new phone number. Select your country or region from the dropdown, then enter the new mobile number carefully. Choose whether you prefer to receive verification via text message (SMS) or a phone call.
Click “Next.” Microsoft will send a 7-digit code to your new number. Enter this code on the website to verify you possess and control the new device. Once verified, your new number will be added to your security info.
Remove the Old Phone Number (Optional but Recommended)
After adding the new number, you can return to the “Security info” page. You will now see both your old and new numbers listed. It is a good security practice to remove outdated methods. Click on the old number and select “Remove.” Confirm the removal. Your account will now use the new number for any SMS-based verification.
Setting Up Microsoft Authenticator on a New Phone
If you changed your phone number because you got a new physical device, you need to move the Authenticator app itself. You cannot simply install the app and log in; the codes are tied to the old installation.
The simplest method is to use the cloud backup feature within the Authenticator app. On your old phone, open Microsoft Authenticator, go to Settings, and ensure “Cloud Backup” is turned on for your personal Microsoft account. This encrypts and saves your account credentials to the cloud.
On your new phone, install Microsoft Authenticator from the App Store or Google Play. During the initial setup, choose “Begin recovery” and sign in with the same Microsoft account you used for backup. The app should restore all your accounts. You will then need to approve sign-ins on the new device to finalize the transfer.
If you did not use cloud backup, you will need to manually re-add each account to the Authenticator app on your new phone. This involves logging into each service (like GitHub, Amazon AWS, your Microsoft account), navigating to its two-factor authentication settings, and scanning a new QR code with the fresh Authenticator app. This is time-consuming but secure.
Troubleshooting Common Roadblocks
What if things don’t go smoothly? Here are solutions to frequent problems.
I No Longer Have Access to My Old Number or Authenticator
This is an account recovery scenario. On the Microsoft sign-in page, click “Can’t access your account?” Choose the option that you’ve lost your security info. You will be guided through a process that uses your backup email and involves answering questions about your account activity to prove ownership.
Be prepared to provide details like recent emails you sent, contacts you emailed, and billing information for services like Microsoft 365. The automated system may offer to send a code to your new number if it has any other association with your account, or it may require you to fill out a recovery form and wait 24 hours for a response from Microsoft’s support team.
The “Change” Option Is Grayed Out on My Security Info Page
This usually means your account is managed by an organization (like your company or school). In this case, your security methods are controlled by your IT administrator. You cannot change them yourself.
You must contact your organization’s IT help desk. Explain that you have a new phone number and need it updated for Microsoft Authenticator and SMS verification. They can update it in the Azure Active Directory admin center, which will propagate the change to your account.
Verification Codes Are Not Coming to My New Number
First, double-check the number you entered for typos. Ensure your phone has a cellular signal or is connected to Wi-Fi if using Wi-Fi calling.
Wait a full two minutes. SMS delays are common, especially during number porting. If the code never arrives, choose the “Call me” option instead. If neither works, your mobile carrier might be blocking short codes. Contact your carrier’s support to ensure they are not filtering messages from Microsoft (sender IDs like “Microsoft”).
Proactive Security: Locking Your Digital Door
Changing your phone number is a perfect trigger to audit your overall security posture. Don’t stop at Microsoft.
– Review Recovery Methods: Log into other critical accounts (Google, Apple, Facebook, banking) and update your phone number there as well. Add a backup Authenticator app like Authy or 1Password, which can sync across devices, or use a physical security key.
– Generate and Store Recovery Codes: For every service that offers them (Microsoft, Google, GitHub), generate a new set of 10-digit recovery codes. Print them and store them in a safe, physical place like a fireproof lockbox. These are your master keys if everything else fails.
– Consider Passwordless: Explore moving completely away from SMS verification. For your Microsoft account, you can set up passwordless sign-in with the Authenticator app, Windows Hello, or a security key. This is more secure and eliminates the phone number dependency entirely.
Your phone number is a digital lifeline. Treat its change with the same seriousness as changing the locks on your house. By following the official process, preparing your recovery options, and taking the time to secure your other accounts, you transition your security seamlessly. You ensure that your new number becomes a tool for access, not a point of failure.
