Microsoft Expands Passkey Support to All Consumer Accounts

Microsoft Expands Passkey Support to All Consumer Accounts

Penka Hristovska Penka Hristovska
Published on: May 3, 2024

Microsoft is officially rolling out passkey support to all consumer accounts, allowing everyone who uses a Microsoft account to drop passwords for accessing it.

After introducing passkeys to Windows 11 last year, Microsoft now expands this support, allowing users to generate passkeys across Windows, Android, and iOS platforms.

This feature allows for seamless sign-ins to Microsoft accounts without entering a password each time. Instead, they can sign in using their face, fingerprint, PIN, or a security key as authentication methods.

“Today, you can use a passkey to sign in to Microsoft apps and websites, including Microsoft 365 and Copilot on desktop and mobile browsers. Support for signing into mobile versions of Microsoft applications using your passkey will follow in the coming weeks,” explains Vasu Jakkal, corporate vice president of Microsoft security, compliance, and identity.

Unlike traditional passwords, passkeys use a cryptographic key pair: one key is securely stored on the user’s device, protected by biometrics or a PIN, while the other resides with the specific app or website. This unique pairing ensures that the passkey only functions with the site or app for which it was created, significantly reducing vulnerability to theft or misuse.

“Password attacks are so popular because they still get results. It’s painfully clear that passwords are insufficient to protect our lives online. No matter how long and complicated you make your password, or how often you change it, it still presents a risk,” writes the company.

“Many app and website providers understand that even complicated passwords aren’t good enough to protect your account, so they give you the choice to use two-step or multifactor authentication with approvals and codes sent to your phone, email, or an app. While traditional multifactor authentication can help protect your account, it’s not attacker-proof, and it creates another frustrating barrier between you and your content: all these access attempts, passwords, and codes on all your devices can really add up,” Microsoft adds.

Passkeys have become a standard across the industry, embraced by major tech companies like Apple, Google, and Microsoft. Notably, more than 400 million Google accounts have adopted passkeys, highlighting their popularity as a convenient and secure alternative to traditional passwords for signing into various services.

Source of Article