Microsoft is bringing passkeys to all users

Windows 11 anti-pishing (Image credit: Shutterstock / vladwel)

Passkeys, a novel authentication method sometimes dubbed the “password killer”, has made it to Microsoft consumer accounts.

In a blog post published earlier this week, Microsoft enthusiastically announced the introduction of the new feature, describing it as the “next step toward our vision of simple, safe access for everyone.”

With a Microsoft account, a consumer can log in once, and then use a wide variety of company services, from email, to cloud, gaming, and more.

Killing passwords

Some of Microsoft’s most popular services include Outlook (formerly Hotmail), OneDrive (cloud storage), Skype (communications), and Xbox Live (gaming). Furthermore, with a Microsoft account, users can access the Microsoft Store, to download and purchase additional games, apps, TV shows, and other content .

“Starting today, you can use a passkey to access your Microsoft account using your face, fingerprint, or device PIN on Windows, Google, and Apple platforms,” Microsoft explained. “Your passkey gives you quick and easy access to the Microsoft services you use every day, and it will do a much better job than your password of protecting your account from malicious attacks.”

Microsoft has gone as far as to say that passkeys will replace passwords “almost entirely”.

“We hope this happens soon,” they concluded.

Unlike passwords, passkeys use two unique keys - one stored on the service, and the other on the device, protected by a PIN or biometrics. So, in order to log into a service, it is no longer enough for the attacker to know the password, or the PIN. They also need physical access to the user’s device, which stores the other half of the key. What’s more, since one part of the passkey will never work on a fake login site, all phishing landing pages become obsolete. 

“The best part about passkeys is that you’ll never need to worry about creating, forgetting, or resetting passwords ever again,” Microsoft concluded.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.