Microsoft, Google widen passkey support for its users – Help Net Security

Summary: This content discusses the continued relevance of passwords in digital authentication despite the availability of alternative methods, such as passkeys.

Threat Actor: N/A

Victim: N/A

Key Point :

  • The password is still widely used for digital authentication, despite predictions of its demise.
  • A recent survey by the FIDO Alliance shows that passkeys are gaining popularity, with 22% of respondents enabling them on every account and 61% finding them more convenient than passwords.
  • New offerings and extended support for passkeys have been introduced by various companies.

Since 2013, the first Thursday in May is marked as World Password Day, a day dedicated to raising awareness about the need for using strong, unique passwords to secure out digital lives.

Microsoft Google passkey

Despite decades of often-repeated statements proclaiming the death of the password as a means for digital authentication, the password isn’t dead yet. It also doesn’t seem like it will die imminenty, despite the increased layered use of additional authentication methods (biometrics, hardware security keys, etc.) and technologies meant to supplant it (passkeys).

But, as the FIDO Alliance noted today, World Password Day may soon need a rebrand: according to its most recent survey, 22% of respondents enabled passkeys on every account (where possible), and 61% of people familiar with passkeys say they are more convenient than passwords (58% also believe they offer greater security).

New offerings and extended passkey support

Just in time for 2024 World Password Day, various companies have launched and/or announced new authentication-related offerings.

Microsoft has announced passkey support for consumer accounts and is adding support for device-bound passkeys in the Microsoft Authenticator mobile app.

After having launched passkey support for Google Accounts, Google Workspace and Google Cloud accounts last year, the tech behemoth says that they will soon support the use of passkeys to enroll in the Advanced Protection Program (aimed at users at risk of targeted attacks) and pointed out that there is an increasing number of reputable password managers users can leverage to store their passkeys.

Bitwarden has launched a standalone Authenticator app that generates time-based one-time passwords (TOTP) for users, and which can be used without having a Bitwarden account or using the Bitwarden password manager. (Recently, Bitwarden enabled passkey management for its users.)

“In just the last 12 months, Amazon, 1Password, Dashlane, Docusign, Kayak, Mercari, Shopify and Yahoo! JAPAN have started rolling out passkeys, joining early adopters like eBay, Uber, PayPal and Whatsapp. In fact, Dashlane is seeing a 70% increase in conversion with passkeys and Kayak users are signing in 50% faster than before,” says Heather Adkins, Google VP of Security Engineering.

Other early adopters include Apple, Nintendo, Shopify, Adobe, and others.

According to the FIDO Alliance, passkeys are now supported by 20% of the world’s top 100 websites and 12% of the top 250.


“An interesting youtube video that may be related to the article above”