Microsoft has announced plans to eliminate passwords for over one billion users in favor of passkeys, marking a significant shift in its security strategy. The company reports experiencing a 200 percent increase in cyberattacks, with approximately 7,000 password attacks occurring every second – nearly double the rate observed in the previous year.
The technology giant is observing a 146 percent increase in phishing attacks targeting user credentials. In response, Microsoft is promoting passkeys as a more secure alternative that offers faster access while eliminating common issues like forgotten passwords and one-time codes. Data shows that passkeys achieve a 98 percent success rate for login attempts, compared to just 32 percent for traditional passwords.
The initiative extends Microsoft’s long-standing commitment to passwordless authentication, which began with the introduction of Windows Hello biometric authentication and has evolved through various security enhancements to Microsoft Authenticator. The company’s implementation strategy involves a gradual transition, with new users being invited to enroll in passkeys during account creation, while existing users receive prompts at key moments such as after signing in or during password resets. Early results from this initiative have shown promising results, with a 10 percent reduction in password usage and a 987 percent increase in passkey adoption.
The company reports that users can authenticate approximately three times faster using passkeys compared to traditional passwords. These FIDO Alliance-certified credentials are particularly significant as they work across platforms and browsers, representing a collaborative effort among major tech companies to establish a unified standard for passwordless authentication.
To facilitate this transition, Microsoft is establishing passkeys as the default sign-in option for users who have them enabled. The company acknowledges the challenge of convincing the remaining 30-40 percent of users to adopt the new system but emphasizes the clear benefits demonstrated by current data. The approach matches broader industry trends, as other major technology companies have also begun implementing passkey support across their platforms.
“The password era is ending. Bad actors know it, which is why they’re desperately accelerating password-related attacks while they still can,” Microsoft stated in its security blog. “Passkeys not only offer an improved user experience by letting you sign in faster with your face, fingerprint, or PIN, but they also aren’t susceptible to the same kinds of attacks as passwords.”
The transition to passkeys will be supported across Microsoft’s ecosystem, including Microsoft Authenticator, which will introduce native passkey support in 2025, and Windows 11, which recently added support for third-party passkey management.
Sources: Euro Weekly News, Microsoft Security Blog
Follow Us