Microsoft is set to replace one billion passwords as it pushes for a move away from traditional passwords to passkeys. This shift comes amid growing cybersecurity concerns and increasing reports of password-related attacks. Passwords have long been a weak link in security, and Microsoft’s decision aims to address this vulnerability.
The company plans to replace passwords with passkeys, a more secure authentication method that involves facial recognition, fingerprints, or PINs. In a recent post, Microsoft’s Group Product Manager, Sangeeta Ranjit, and Principal Product Manager, Scott Bingham, declared, “The password era is ending. Bad actors know it, which is why they’re desperately accelerating password-related attacks while they still can.”
A report from Specops Software analyzed passwords compromised by infostealer malware over a 12-month period.
It highlighted the limitations of even the most stringent password policies. Darren James, Senior Product Manager at Specops Software, noted, “Strong password policies won’t protect passwords from being stolen by malware.”
Microsoft aims to replace passwords with phishing-resistant credentials. Although transitioning one billion users to passkeys is no simple task, the company is committed to this change.
Ranjit and Bingham emphasized that the ultimate goal is to eliminate passwords entirely.
Microsoft embraces passkeys for security
Microsoft has provided compelling statistics to support the transition.
Signing in with a passkey is three times faster than using a traditional password and eight times faster than traditional multi-factor authentication. Moreover, 99% of users who start the passkey registration process complete it successfully. To encourage users to switch, Microsoft uses strategic prompts.
“The most natural enrollment opportunity is when a user initially creates an account,” Microsoft noted. Additionally, nudges—messages prompting users to switch to passkeys—have proven effective. About 25% of users engaged with these prompts.
“As people become increasingly familiar with the usability and security benefits of passkeys,” Microsoft managers concluded, “they’ll be more likely to enroll and use them on more sites. Together, we can convince billions of users to enroll passkeys for trillions of accounts.”
Therefore, if you see a prompt from Microsoft to switch to a passkey, it’s an opportunity to enhance your security. Acting now can place you at the forefront of better security practices.
