Summary
Details
Updated November 11, 2025: We have updated the content and the images below. Thank you for your patience.
[Introduction]
Starting February 2026, we will introduce jailbreak and root detection for Entra credentials in the Microsoft Authenticator app on both iOS and Android platforms. This change enhances security by preventing Entra credentials from functioning on jailbroken/rooted devices. All existing Entra credentials on jailbroken or rooted devices will be wiped to protect your organization. This capability is secure by default and does not require any admin configuration or control.
[When this will happen]
General Availability (Worldwide) rollout begins in February 2026 and is expected to complete in April 2026.
[How this affects your organization]
Who is affected: All users of Microsoft Authenticator on iOS and Android whose Entra credentials are registered on jailbroken or rooted device. This is going to be a continuous check.
What will happen:
- The feature is secure by default and enabled to all customers. There is no opt-out capability..
- Users on jailbroken or rooted devices will experience the following phased rollout. An estimated gap between 3 phases is ~ 1 month.
- Phase 1 – Warning Mode: Users receive a warning that their device is jailbroken or rooted and will be blocked in the future (screenshots 1-4):
- Phase 2 – Blocking Mode: Users are blocked from registering Entra credentials or signing in via Authenticator (screenshots 5-8):
- Phase 3 – Wipe Mode: Existing Entra credentials are wiped from jailbroken or rooted devices (screenshots 9-11):
- Users on non-Jailbroken or non-rooted devices will not be affected.
[What you can do to prepare]
- Notify users about this upcoming change. Users will see error messages or banners in the Authenticator app during warning or blocking phases. These screens are dismissible but indicate the device status.
- Communicate to helpdesk staff that Authenticator will become unusable for Entra accounts on jailbroken or rooted devices.
- Update internal documentation if you reference Authenticator usage.
- No admin action is required to enable or configure this feature.
Learn more: About Microsoft Authenticator | Microsoft Support
[Compliance considerations]
No compliance considerations identified, review as appropriate for your organization.
Change History
[Introduction]
Starting February 2026, we will introduce jailbreak and root detection for Entra credentials in the Microsoft Authenticator app on both iOS and Android platforms. This change enhances security by preventing Entra credentials from functioning on jailbroken/rooted devices. All existing Entra credentials on jailbroken or rooted devices will be wiped to protect your organization. This capability is secure by default and does not require any admin configuration or control.
[When this will happen]
General Availability (Worldwide) rollout begins in February 2026 and is expected to complete in April 2026.
[How this affects your organization]
Who is affected: All users of Microsoft Authenticator on iOS and Android whose Entra credentials are registered on jailbroken or rooted device.
What will happen:
- The feature is secure by default.
- Users on jailbroken or rooted devices will experience the following phased rollout:
- Phase 1 – Warning Mode: Users receive a warning that their device is jailbroken or rooted and will be blocked in the future (screenshots 1-4):
- Phase 2 – Blocking Mode: Users are blocked from registering Entra credentials or signing in via Authenticator (screenshots 5-6):
- Phase 3 – Wipe Mode: Existing Entra credentials are wiped from jailbroken or rooted devices (screenshots 7-10):
- Users on compliant (non-Jailbroken or non-rooted) devices will not be affected.
[What you can do to prepare]
- Notify users about this upcoming change.
- Communicate to helpdesk staff that Authenticator will become unusable for Entra accounts on jailbroken or rooted devices.
- Update internal documentation if you reference Authenticator usage.
- No admin action is required to enable or configure this feature.
Learn more: About Microsoft Authenticator | Microsoft Support
[Compliance considerations]
No compliance considerations identified, review as appropriate for your organization.
Updated November 11, 2025: We have updated the content and the images below. Thank you for your patience.
[Introduction]
Starting February 2026, we will introduce jailbreak and root detection for Entra credentials in the Microsoft Authenticator app on both iOS and Android platforms. This change enhances security by preventing Entra credentials from functioning on jailbroken/rooted devices. All existing Entra credentials on jailbroken or rooted devices will be wiped to protect your organization. This capability is secure by default and does not require any admin configuration or control.
[When this will happen]
General Availability (Worldwide) rollout begins in February 2026 and is expected to complete in April 2026.
[How this affects your organization]
Who is affected: All users of Microsoft Authenticator on iOS and Android whose Entra credentials are registered on jailbroken or rooted device. This is going to be a continuous check.
What will happen:
- The feature is secure by default and enabled to all customers. There is no opt-out capability..
- Users on jailbroken or rooted devices will experience the following phased rollout. An estimated gap between 3 phases is ~ 1 month.
- Phase 1 – Warning Mode: Users receive a warning that their device is jailbroken or rooted and will be blocked in the future (screenshots 1-4):
- Phase 2 – Blocking Mode: Users are blocked from registering Entra credentials or signing in via Authenticator (screenshots 5-8):
- Phase 3 – Wipe Mode: Existing Entra credentials are wiped from jailbroken or rooted devices (screenshots 9-11):
- Users on non-Jailbroken or non-rooted devices will not be affected.
[What you can do to prepare]
- Notify users about this upcoming change. Users will see error messages or banners in the Authenticator app during warning or blocking phases. These screens are dismissible but indicate the device status.
- Communicate to helpdesk staff that Authenticator will become unusable for Entra accounts on jailbroken or rooted devices.
- Update internal documentation if you reference Authenticator usage.
- No admin action is required to enable or configure this feature.
Learn more: About Microsoft Authenticator | Microsoft Support
[Compliance considerations]
No compliance considerations identified, review as appropriate for your organization.
Never Miss a Microsoft 365 Update
Join thousands of IT professionals who rely on DeltaPulse for real-time Microsoft 365 change intelligence, automated notifications, and community insights.