Microsoft Urges Users to Delete Passwords for Passkey Security

Microsoft is warning Windows users to delete their passwords due to a surge in password-related attacks, promoting passkeys as a more secure alternative that links account security to device security, making it harder for hackers to bypass passwords.

The company aims to remove passwords completely and have accounts use phishing-resistant credentials, a goal that is being supported by the FIDO Alliance. On World Password Day, Microsoft is encouraging users to consider ditching passwords altogether and adopting passkeys, which are easy to use, resistant to phishing, and can be used across devices.

Microsoft has collaborated with the FIDO Alliance and platform partners to develop passkeys, a standards-based phishing-resistant authentication method that replaces passwords. Hundreds of websites support signing in with passkeys, and Microsoft has seen a significant increase in passkey adoption, with nearly a million passkeys registered every day. Users signing in with passkeys are three times more successful than those using passwords, and sign-ins are eight times faster.

The company has introduced new features to simplify the sign-in process, including a new visual style and passwordless sign-up experience. New accounts will be passwordless by default, and existing users can delete their passwords. Microsoft aims to make every sign-in passwordless and is encouraging users to take the leap and secure their accounts with passkeys, celebrating the first World Passkey Day as a shift away from passwords and towards a future of simpler, safer sign-ins.

As Microsoft continues to promote passkeys as a more secure alternative to passwords, users are advised to consider the benefits of passwordless authentication and take steps to protect their accounts from password-related attacks, marking a significant shift in the way we approach online security and authentication.