Slashdot: Microsoft Makes New Accounts Passwordless by Default

May 2, 2025

—

Source URL: https://it.slashdot.org/story/25/05/01/2354218/microsoft-makes-new-accounts-passwordless-by-default
Source: Slashdot
Title: Microsoft Makes New Accounts Passwordless by Default

Feedly Summary:

AI Summary and Description: Yes

Summary: Microsoft is moving towards a passwordless authentication system for new accounts, utilizing more secure methods such as biometrics, PINs, and security keys. This initiative highlights the company’s ongoing commitment to enhancing security and streamlining user experiences.

Detailed Description: Microsoft’s recent decision to make new accounts passwordless by default represents a transformative shift in user authentication practices. This initiative aims to improve security while simplifying the login process for users. Key aspects of this development include:

– **Passwordless Authentication Methods**: New users will no longer create passwords. Instead, they can authenticate using:
– Biometric data (e.g., fingerprint or facial recognition)
– Personal Identification Numbers (PINs)
– Security keys

– **Historical Context**: This change is part of a decade-long initiative that began with Windows Hello in 2015, signaling that Microsoft has been progressively moving away from password dependency.

– **Performance Metrics**: According to Microsoft’s data:
– Passkey sign-ins are reported to be eight times faster than traditional password and multi-factor authentication combinations.
– Users of passkeys experience a 98% success rate with logins compared to only a 32% success rate for those using passwords.

– **Usage Statistics**: The company reports that it registers nearly one million passkeys daily across its consumer services, suggesting a significant shift towards this new authentication method.

This transition is highly relevant for security professionals, as it aligns with broader trends in enhancing security measures while addressing user frustrations associated with traditional passwords. The implications for information security are profound, as reducing reliance on passwords could mitigate risks associated with password breaches, phishing attacks, and other vulnerabilities inherent to password use. Additionally, it aligns with concepts of Zero Trust by enforcing stronger verification methods that do not rely solely on knowledge-based factors.

01 1 2 3 4 5 a account Act AI and art as attack attacks authentication authentication methods authentication practices based Bi Biometric data biometrics breach breaches by C CI CIA co commit concept consumer Context cross D data de decision dependency development DoT e edge end ERP exp experience facial recognition fact factor authentication fast fault for g GIS Go H high Highlight http HTTPS implications in information information security k Key keys knowledge l led Li long M man measures metrics Micro Microsoft ML multi multi-factor authentication N nation NGO no o of on one only OPM ory passkey Passkeys password breaches passwordless passwordless authentication passwords performance performance metrics phi phishing phishing attack Phishing Attacks pre process professionals Progress R rate RCE red report Risk risks Ro Rust s sec secure security security keys security measure security measures security professionals service services shift Sig Signal Sim SoC source SSO system T text the Time to Tor TP transformative transition trends trust US usage use user user authentication user experience Users uth V verification verification methods vulnerabilities Wi Wind Windows Windows Hello x zero Zero Trust