Microsoft Shifts to Password-Free Default for New Accounts
Microsoft is rolling out significant changes to its sign-in experience, prioritizing passkeys and other secure alternatives over traditional passwords. Starting May 1, 2025, all new Microsoft accounts will be created without a traditional password by default. Instead, users will be prompted to use more secure methods such as passkeys that rely on face, fingerprint, or PIN authentication.
)
The new sign-in experience, which was introduced earlier this year, features a refreshed visual design that’s more modern and streamlined. The focus is on guiding users towards passwordless options, enhancing both security and user experience. Existing users can also opt for passwordless sign-in by removing their passwords through their account settings.
What are Passkeys?
A passkey is a cryptographic alternative to passwords. When a user creates a passkey, two keys are generated: a public key stored by Microsoft, and a private key stored securely on the user’s device. Authentication is done using the device’s built-in security features like facial recognition or fingerprint scan. Passkeys are built on the WebAuthn standard and are designed to work across devices.
Smarter Sign-in Experience
Microsoft is also introducing a smarter sign-in experience that automatically selects the most secure method available for the user’s account. For instance, if a user has both a password and a one-time code configured, they’ll be prompted to use the one-time code. After signing in, users will be encouraged to enroll a passkey for future use, further reducing reliance on passwords.
These changes are part of Microsoft’s broader effort to simplify and enhance its authentication systems. As more users adopt passkeys, the company expects to see a continued drop in password reliance, paving the way for their eventual removal altogether.
