Microsoft ditches passwords by default for new accounts

Did you know that there's a "World Passkey Day," championed by the FIDO Alliance? The FIDO Alliance is a global organization dedicated to creating standards for passwordless authentication. World Passkey Day, which recently happened (on May 1st), is its initiative to promote widespread passkey adoption. Microsoft marked this occasion with a significant announcement for anyone creating a new account with the company. Microsoft has officially made brand new Microsoft Accounts passwordless by default.

The company has been steering users away from traditional passwords for years. Windows Hello, introduced with Windows 10 about ten years ago, gave people a way to sign into their Windows devices using their face, fingerprint, or a device-specific PIN instead of a regular password. Microsoft also built passwordless sign-in support, like passkeys through the Web Authentication (WebAuthn) standard, right into its Edge browser, and has released official guides for using passkeys on Windows 11.

The reason for this shift away from passwords is simple: security. Microsoft, like the rest of the tech world, knows passwords are a major weak spot. They're easy targets for phishing attacks, where someone tricks you into handing over your login, or for bots that try to guess your credentials. According to Microsoft, there are now 7,000 password attacks every second, more than double the rate in 2023. Passkeys rely on cryptography tied to your device or identity, which makes them much harder to exploit.

So, now when someone signs up for a fresh Microsoft Account, they simply will not be asked to create a traditional password. Instead, during the setup process, they will choose a passwordless option like setting up a passkey, perhaps using Windows Hello on a Windows device, or potentially using the Microsoft Authenticator app on their phone. Here is what Microsoft stated about this change for new accounts:

As part of this simplified UX, we’re changing the default behavior for new accounts. Brand new Microsoft accounts will now be “passwordless by default.” New users will have several passwordless options for signing into their account and they’ll never need to enroll a password.

For people who already have Microsoft Accounts with passwords, Microsoft is also making changes to nudge them towards passwordless options. The sign-in experience is being updated to prioritize safer methods you have already set up. So, if you have both a password and a passkey on your account, Microsoft will prompt you to use the passkey first.

After you sign in, the system will encourage you to set up a passkey if you have not already, aiming to move you entirely away from password use over time. Microsoft reports this approach has already reduced password use by over 20% in experiments, and users who sign in with passkeys are much more successful and faster at logging in compared to using passwords and multi-factor authentication.

Source

Hope you enjoyed this news post.

Thank you for appreciating my time and effort posting news every day for many years.

News posts... 2023: 5,800+ | 2024: 5,700+ | 2025 (till end of April): 1,811

RIP Matrix | Farewell my friend