Microsoft Urges Over 1 Billion Windows Users to Ditch Passwords in Favour of Passkeys

Microsoft has officially announced that it will be phasing out traditional passwords for more than 1 billion users, urging them to switch to a more secure alternative: passkeys.

A New Era for Account Security

At a recent press briefing, Microsoft warned that traditional passwords, which can be easily forgotten, guessed, or stolen, no longer offer the robust protection required in today’s threat landscape. “The password era is ending,” a company spokesperson declared, emphasizing the surge in password-related attacks. With over 7,000 password attacks blocked per second—a nearly twofold increase from the previous year—Microsoft is pushing its vast user base toward a safer, more efficient authentication method.

What Are Passkeys?

Passkeys are poised to replace both traditional passwords and the often cumbersome two-factor authentication (2FA) codes. Instead of relying on a string of characters, passkeys use biometric data—such as fingerprints or facial recognition—linked to a user’s hardware device. This approach means that the credentials remain on the device and are resistant to theft or interception, providing a secure and seamless user experience.

Microsoft’s updated sign-in process is set to roll out by the end of April. For new account registrations, users will simply enter their email addresses, receive a one-time verification code, and immediately begin using a passkey as their primary authentication method. “We’re rethinking the default experiences for sign in, putting even greater emphasis on usability and security,” said the spokesperson.

Security and Speed: The Passkey Advantage

Beyond heightened security, passkeys offer practical benefits. They enable users to sign in up to three times faster than traditional password methods. Moreover, by eliminating the dual use of passwords and passkeys—which can leave accounts vulnerable to phishing—Microsoft aims to create a unified, phishing-resistant credential system. “Even if we get our more than one billion users to enroll and use passkeys, if a user has both a passkey and a password, and both grant access to an account, the account is still at risk,” Microsoft noted.

Industry Implications

Microsoft’s decisive step reflects a broader trend in cybersecurity, with industry experts predicting that phishing-resistant authentication methods, such as FIDO passkeys, could become the dominant standard within the next two years. While other tech giants like Google continue to support passwords as a backup, Microsoft’s clear directive to eliminate passwords altogether underscores the urgency of adapting to increasingly sophisticated cyber threats, including those fueled by artificial intelligence.

As millions of users have already begun to delete their passwords, the tech giant’s latest push serves as a rallying call to the entire industry. With a streamlined and secure approach now within reach, Microsoft is not only setting a new benchmark for digital authentication but also challenging other platform providers to follow suit.

Looking Ahead

The transition to passkeys represents a significant evolution in online security. Microsoft’s message is clear: in an era of escalating cyberattacks, the outdated password system is a liability, and embracing passkeys is essential for safeguarding digital identities. As the deadline approaches, users and security experts alike will be watching closely to see if this paradigm shift leads to a more secure online environment for all.

For more updates on this transformative move and other tech news, stay tuned.

Photo Credit: DepositPhotos.com