Microsoft advances passwordless authentication for over a billion users
Chucking the Old, Bouncing into the New: Ditching Passwords for Passkeys
Microsoft is encouraging its over one billion users to wave goodbye to passwords and embrace the safer, simpler world of passkeys. This isn't about cutting corners on security, but rather, inviting users to join the passkey party already underway since 2023 with tech titans like Apple and Google.
Starting from the end of April, Microsoft promises an updated sign-in and sign-up page adorned with passkeys for its massive userbase. The Microsoft Entra blog revealed these plans initially ignited back in May 2024. The company envisions a future where users will only need their email to sign up and sign in for a Microsoft account, with a passkey handling the security grunt work.
But, what the hell is a passkey, you ask?
A passkey is the saucy sibling of a password, offering a safer login experience. Instead of a password, the passkey utilizes a nifty pair of cryptographic keys known as a key pair. One key gets cooped up on user's device (think smartphone or other doodad), while the other hides out on the website you're planning to log into. Only when these two keys team up can a person access the site.
Here's the deal with these passkeys: they need biometrics, a PIN, or Face ID for verification. When a user tries to log in, the device will require one for authentication. Since this whole process happens electronically, all a person has to do is input their PIN, touch their fingerprints, or stare at their phone for Face ID to identify them for the site.
Passkeys have the upper hand on phishing. Suppose you fall victim to a phishing email sending you to a bogus Microsoft login page. In that case, with passkeys, bad actors won't snag your password since they can't replicate the key.
Subscribe to Our Newsletter - The Snapshot
Sign up to receive our free newsletter, diving into the future of computing, right in your inbox.
Passkeys hitch a ride on a device but can sync between multiple devices. Changing phone? Your passkeys will just hop onto the new device.
By 2023, both Apple and Google were already trigger-happy implementing passkeys into their mobile operating systems. These tech giants aren't the only ones jumping ship. Other tech companies are yet to catch up to this transformative trend.
The Perks of Passkeys
- Phishing-proof: Passkeys can't be used on phishing sites and can't be replicated by bad actors.
- Enhanced Security: They leverage public key cryptography to create unique key pairs into which login info cannot be hacked.
- Effortless: Passkeys practically eliminate the need for remembering passwords and dealing with complicated password rules.
- Site-specific: Each passkey is unique to the site or app it's created for, minimizing the risk of credential reuse.
- End-to-End Encrypted: Passkeys employ end-to-end encryption, keeping sensitive data unreachable, not even by service providers.
As more sites and apps embrace passkeys, the switch from the archaic password-based system becomes smoother, with password managers there to make the transition effortless across different devices and platforms.
Passkeys aren't just a new fangled toy; they're the future of online security, providing a sleeker, safer way to access the digital world. Embrace passkeys, and say goodbye to the anxiety of phishing scams!
- As Microsoft joins tech titans like Apple and Google in adopting passkeys for user authentication, those with laptops running Windows can expect a more secure login experience in the near future.
- In the realm of technology and data-and-cloud-computing, passkeys are poised to redefine cybersecurity as we know it, offering phishing-proof, effortless, and end-to-end encrypted authentication methods for users across various platforms.
- The introduction of passkeys is just another leap forward in the evolving landscape of technology, making it increasingly important for laptop users, whether using Windows, Mac, or any other operating system, to stay informed about the advancements in data security and the benefits they bring.
