Microsoft has announced that all new accounts will now be “passwordless by default” to enhance security against password-related attacks. This initiative follows a recent update to their sign-in and sign-up processes across platforms. Users will have the ability to enroll in various passwordless options, including passkeys which utilize biometric authentication for access.
Keypoints :
- Microsoft introduces a “passwordless by default” policy for all new accounts.
- Updated user experience flows optimized for passwordless and passkey-first authentication have been rolled out since March.
- New users will have several passwordless sign-in options and will not need to create a password.
- Existing users can remove their passwords from account settings.
- Each account will have a default passwordless method enabled, promoting the use of passkeys.
- Passkeys offer enhanced security through biometric authentication like fingerprints and facial recognition.
- The new experience is designed to speed up sign-ins and has already reduced password use by over 20% in experiments.
- Microsoft aims to eventually eliminate password support as more users enroll in passkeys.
- Microsoft is a board member of the FIDO Alliance, promoting passkeys as a standard passwordless sign-in method.
- Windows Hello now includes a built-in passkey manager as part of the Windows 11 feature update.
- Testing of WebAuthn API updates for third-party passkey providers in Windows 11 is currently underway.