Redmond, Washington – Microsoft has taken a bold step towards enhancing the security of over 1 billion end-users by announcing a significant update that involves the elimination of passwords and the introduction of passkeys. The tech giant has emphasized the vulnerabilities associated with passwords, warning users about the risks of forgetting or having their passwords easily guessed by malicious actors.
In an effort to combat the increasing number of password-related attacks, with up to 7,000 attacks on passwords being blocked per second, Microsoft aims to transition towards a passwordless future. Passkeys, which replace traditional passwords and two-factor authentication codes, offer a more secure authentication method by linking account access to hardware devices, such as fingerprint or facial recognition.
Microsoft touts passkeys as the future of authentication, highlighting their ease of use, resistance to phishing attempts, and unique nature for each website or application. The company plans to roll out updated sign-in and sign-up user experiences by the end of April, focusing on passwordless and passkey-first approaches to enhance usability and security.
By enabling users to create passkeys instead of passwords and updating the sign-in logic to prioritize passkeys, Microsoft aims to minimize the risk of phishing attacks. The company stresses the importance of removing passwords altogether to ensure a phishing-resistant future, especially in light of new AI-fueled attacks and compromises in two-factor authentication.
The FIDO Alliance, an organization dedicated to eliminating dependence on passwords, applauds Microsoft’s initiative to enhance account security through passkeys. The adoption of passkeys is gaining momentum, with phishing-resistant authentication projected to become the dominant method within the next two years.
Despite the progress made by Microsoft in promoting passkeys, the company has also announced the removal of a popular command line that allowed users to bypass connecting to the internet and signing into a Microsoft Account during Windows 11 setup. However, users can still utilize a workaround to bypass the Microsoft account requirement by creating a Registry entry.
As Microsoft continues its efforts to promote passkey adoption and eliminate passwords, the tech industry as a whole is urged to prioritize passkey support to drive widespread adoption of this more secure authentication method. The shift towards passwordless authentication represents a crucial step in enhancing cybersecurity and safeguarding user accounts against evolving threats.