Microsoft to Ditch Passwords for Passkeys, Boosting Security
In a bold move toward enhanced security, Microsoft is phasing out passwords, mandating passkeys for its users. This shift aims to simplify logins while significantly reducing vulnerability to cyber threats, marking a crucial change in how we secure digital identities. The move is set to roll out imminently, impacting all Microsoft users.
Password Elimination Timeline
Microsoft is overhauling its security protocol, starting with immediate changes. Users can no longer add passwords to the Microsoft Authenticator app as of June. In July, autofill functionality will disappear, and by August, stored passwords will become inaccessible, pushing passkey adoption. This strategy underscores Microsoft’s move toward password-less security for enhanced user protection.
Understanding Passkeys
A passkey represents a safer login method, merging the functionality of a password with two-factor authentication. It creates a credential, such as biometric data or a PIN, that isn’t stored on a server. This approach aims to thwart hackers and resist phishing attempts.
“It’s the difference between using a codeword to open a door and using a physical key that only you have,” explained Timothy Werth, a Tech Editor at Mashable. “Passkeys are only stored on your devices, not a Microsoft server, and they also eliminate the kind of user errors that result in weak passwords. Plus, password managers are becoming a really popular target for hackers, so Microsoft is definitely onto something.”
—Timothy Werth, Tech Editor
According to recent reports, password-related breaches are a significant concern; over 19 billion passwords have been exposed in recent cyberattacks (Security Magazine, 2024).
Setting up Passkeys
Microsoft is automating the passkey setup process. The Microsoft Authenticator will prompt users to establish a passkey. Users can also manually set up passkeys by selecting “set up a passkey” within the Authenticator app. For those managing their Microsoft account, accessing “Advanced Security Options” and choosing a preferred method like Face ID, fingerprint, or a security key will enable passkey setup.
Users can still utilize passwords by employing Microsoft Edge with password autofill or exporting them. The company aims to remove passwords across all services, including Copilot and Xbox, with new Microsoft accounts already adopting the password-less setup.
