Microsoft to Shift from Passwords to Passkeys

Microsoft to Delete 1 Billion Passwords in April

Microsoft sign outside headquarters with overlay text highlighting the company’s new shift from traditional passwords to passkeys for improved security.

In a recent update on Microsoft security log-in, the company announced to delete passwords of over 1 billion users. This measure is taken to upgrade the security standards of Microsoft and protect its users from hackers. Microsoft is fully geared up to replace passwords with passkeys. For that the new UX is optimized for passwordless and passkey-first experience. The company stated that

‘By the end of April, most Microsoft account users will see the updated sign-in and sign-up user experience for web and mobile apps.’

In December 2024, the tech giant announced that it will soon end the password era due to accelerating password-related cyber attacks. The company reported that ‘7,000 attacks on passwords [blocked] per second… almost double from a year ago’.

Microsoft later on campaigned to embrace passkeys as they are more secure and three times faster than passwords.

Passkey replaces passwords and two-factor authentication (2FA) codes with account authentication linked to users’ devices. It is secured by the same security protocol that unlocks the device, including fingerprint and face recognition. This measure is more secure as there is no chance of code leak and requires physical hardware devices. Moreover, passkeys will ensure that 2FA is not intercepted or bypassed.

No Password at all

Microsoft explained to its users that the complete removal of passwords from the security protocol is necessary because if the user has both a passkey and a password and both are able to grant access to an account, the user will still remain at risk of phishing. Therefore, it is highly required that the password is completely removed from the security protocol.

Passkeys Made Easy

The company made this mega change easy to do-able for its users. It will only require entering the user’s email. The company says

“You don’t have to create a new Microsoft password… All you need to do is verify the email with a one-time code, and this becomes the default credential for your new account, so you start off passwordless.Once signed in, users will then create their passkeys.

Microsoft is also ensuring that passkeys are made default sign in choice whenever possible.

Fatimah Misbah Hussain

Author

0 Comments

Leave a Reply Cancel reply

More Stories From "Infrastructure"