3aIT Blog

Microsoft has moved a step closer to a password-free future by making passkeys the default authentication method for all new Microsoft accounts. This change aims to enhance security and streamline the user experience across its services like Outlook, Xbox, and Microsoft 365.

As we've covered a few times in the past, passkeys are a modern alternative to traditional passwords. They use device-based authentication methods such as biometric recognition (Face ID, fingerprint) or PINs. They effectively make it impossible to access any given account unless you have direct access to a device with the correct passkey stored on it. It isn't possible to "hack" it remotely, because there is no password to log in with.

Microsoft's move aligns with a broader industry trend towards passwordless authentication. Companies like Apple, Google and PayPal have also embraced passkeys, allowing users to sign in across platforms using their device's native authentication methods. This cross-platform support ensures a consistent and secure sign-in experience for users, regardless of the device or operating system.

While new Microsoft accounts are passwordless by default, existing users can still opt to remove their passwords. However, to opt in to this new login method, users must install the Microsoft Authenticator app. This requirement has drawn some criticism, as it limits flexibility and may inconvenience users who prefer other authentication apps.

Passkeys have been around for a while now, and it's been clear that they're almost certainly the future of authentication for some time. Users have been slow to proactively start using them - they clearly just love remembering multiple complex passwords too much! By making this the default for new accounts, we'll be moving closer to the stage where this starts to become second nature to people.