In celebration of World Password Day, Microsoft and Google have made significant strides in advancing passkey technology, a move aimed at eventually eliminating the need for traditional passwords altogether. Microsoft, in particular, has expanded passkey support to all its consumer accounts, while Google has extended access to passkeys for members of its Advanced Protection Program.
Passkeys are a revolutionary sign-in method that brings both stronger security and a more convenient experience. This new approach ditches traditional passwords altogether and relies on a powerful tool: cryptography. Imagine a pair of unique keys working together like a lock and key. One key is securely stored on your device, while the other is linked to the specific app or website you’re trying to access. This two-step verification makes phishing attacks a thing of the past. Unlike passwords, which can be stolen or leaked in a data breach, passkeys never reveal your private information.
Microsoft’s passkey support was initially available in Windows 11, but users can now utilize passkeys across various platforms, including Microsoft 365 and Copilot AI, on desktop and mobile web browsers. In addition to this, passkey support will soon be available for mobile versions of Microsoft apps.
To set up a passkey for your Microsoft account, configure the sign-in options, and choose from options like Face ID, fingerprint, PIN, or security key. Once configured, users no longer need to type in a password or use an authenticator app for a code.
Microsoft’s move towards expanding passkey support is a significant step towards a password-free future. With over 4,000 password attacks detected per second, according to Microsoft, the expansion of passkey support could help reduce reliance on classic sign-in methods.
In 2015, when we introduced Windows Hello and Windows Hello for Business as secure ways to access Windows 10 without entering a password, our identity systems were detecting around 115 password attacks per second. Less than a decade later, that number has surged 3,378% to more than 4,000 password attacks per second. Password attacks are so popular because they still get results. It’s painfully clear that passwords are not sufficient for protecting our lives online. No matter how long and complicated you make your password, or how often you change it, it still presents a risk.
Google has also joined the push for a password-free future by expanding passkey access to members of its Advanced Protection Program. This program caters to high-risk targets such as politicians and journalists, providing them with additional security measures. With this expansion, members can now utilize passkeys as an alternative to traditional passwords.
