Microsoft replaces passwords with passkeys on consumer accounts

• Support for mobile versions of Microsoft applications using a passkey will follow in the coming weeks.
• Microsoft says the best part about passkeys is that users will never need to worry about creating, forgetting, or resetting passwords ever again.

Users of Microsoft services can now create a passkey on their devices and use their face, fingerprint, PIN, or security key as a means of identification.

Passkeys can replace traditional passwords with your device’s own authentication methods. So, users can sign into Gmail, PayPal, or iCloud just by activating Face ID on the phone’s fingerprint sensor, or with Windows Hello on a PC.

Microsoft clients could sign in to apps and websites using FIDO security keys, Windows Hello, or the Microsoft Authenticator app instead of a password.

Today, you can use a passkey to sign in to Microsoft apps and websites, including Microsoft 365 and Copilot on desktop and mobile browsers. Support for signing into mobile versions of Microsoft applications using a passkey will follow in the coming weeks.

Passkeys have now been adopted by tech giants such as Apple, Google, Microsoft and others.

In 2023, Google started rolling out passkey support across Google Accounts on all major platforms as an additional option for users to sign in, alongside passwords and 2-Step Verification. The same year, the Meta-owned chat app Whatsapp rolled out passkeys to access the application on Android devices

More than 400 million Google accounts have used passkeys so far.

In 2015, Microsoft introduced Windows Hello and Windows Hello for Business as secure ways to access Windows 10 without entering a password as password attacks are so popular because they still get results.

It’s painfully clear that passwords are not sufficient for protecting our lives online. No matter how long and complicated you make your password, or how often you change it, it still presents a risk.

 “More and more apps and services are adding support for passkeys; you can already use them to sign in to the most popular ones. Passkeys are so much easier and more secure than passwords that we predict passkeys will replace passwords almost entirely (and we hope this happens soon),” Microsoft said on its blog.

Many app and website providers understand that even complicated passwords aren’t good enough to protect your account, so they give you the choice to use two-step or multifactor authentication with approvals and codes sent to your phone, email, or an app.

While traditional multifactor authentication can help protect your account, it’s not attacker-proof, and it creates another frustrating barrier between you and your content: all these access attempts, passwords, and codes on all your devices can really add up.

How passkeys work

Passkeys work differently than passwords. Instead of a single, vulnerable secret, passkey access uses two unique keys, known as a cryptographic key pair.

One key is stored safely on your device, guarded by your biometrics or PIN. The other key stays with the app or website for which you create the passkey. You need both parts of the key pair to sign in, just as you need both your key and the bank’s key to get into your safety deposit box.

Because this key pair combination is unique, your passkey will only work on the website or app you created it for, so you can’t be tricked into signing in to a malicious look-alike website. This is why we say that passkeys are “phishing-resistant.”

All you have to do to sign in is use your device unlock gesture: look into your device camera, press your finger on a fingerprint reader, or enter your PIN. Neither your biometric information nor your PIN ever leaves your device and they never get shared with the site or service you’re signing in to. Passkeys can also sync between your devices, so if you lose or upgrade your device, your passkeys will be ready and waiting for you when you set up your new one.

The best part about passkeys is that you’ll never need to worry about creating, forgetting, or resetting passwords ever again.

Creating a passkey for Microsoft account

Creating a passkey for your Microsoft account is easy. On the device where you want to create the passkey, follow this link, and choose the face, fingerprint, PIN, or security key option. Then follow the instructions on your device.