Instead of overriding the login action, you could create a custom request handler, which takes a phone number and after validating, creates a session for that user.
The advantage is that login for your administrators remains standard, and thus safe.
Bart has writen a good article on how to make custom checks on login:
http://bartgroot.nl/mendix/custom-checks-on-login/
Furthermore, check how the AppCloudServices which come standard allow you to login.
I wouldn't abandon the built in authentication. As others have posted you will still want to keep your admin login functionality, and if your app has any other roles then you will want to preserve their logins too.
When we started with Mendix we had a requirement to authenticate against our own single sign on api and ended up writing a small amount of custom Java to override the standard login functionality and accomodate this. I am 100% sure you could do the same.