Microsoft is taking another step toward eliminating passwords from the login experience. Starting now, all new Microsoft accounts will default to passwordless sign-in using passkeys—a move the company says enhances both convenience and security. Existing users can also opt in by removing their saved passwords and switching entirely to passkey authentication from their account settings.
The shift is part of a broader trend in the tech industry to phase out traditional passwords, which are often reused, easily forgotten, or vulnerable to phishing and brute-force attacks. Passkeys, by contrast, are cryptographic login credentials stored locally on a user’s device and protected by biometrics or a device PIN. Instead of entering a password, users verify their identity through face recognition, a fingerprint scan, or device unlock to gain access.
For Microsoft account holders with two-factor authentication already enabled, the transition will be seamless. These users will no longer need to enter their account password at all. Initially, they’ll still receive a 2FA code by text or email, but Microsoft plans to phase that out as well, replacing it entirely with passkey authentication for future logins.
Passkeys are based on FIDO (Fast Identity Online) protocols, a security standard jointly adopted by Microsoft, Apple, and Google. The private keys never leave the user’s device and are end-to-end encrypted. For those in the Microsoft ecosystem, the company recommends setting up passkeys through the Microsoft Authenticator app, available on both Android and iOS. Once registered, passkey access can be toggled in the phone’s settings menu—under “Passwords & accounts” on Android or “Autofill & Passwords” on iOS.
Users aren’t locked into Microsoft’s Authenticator app, either. Passkeys can be stored and managed via third-party apps like 1Password or other password managers that support the FIDO standard. Microsoft confirms that whether using its own tools or external options, passkeys will remain encrypted and safeguarded by device-level security measures like Trusted Platform Module (TPM) chips.
Passkeys are compatible across a wide range of platforms and browsers, including Windows 10 and 11, macOS Ventura and later, iOS 16+, Android 9+, Chrome OS 109+, Microsoft Edge (version 109+), Safari (version 16+), and the mobile version of Google Chrome.
Microsoft’s push toward passkeys follows similar moves by Apple and Google, signaling a shift away from the aging password model toward a more secure, device-first future. For users, it means less reliance on memorizing credentials—and fewer opportunities for attackers to exploit weak or stolen passwords. Whether this encourages faster adoption across other digital services remains to be seen, but the message is clear: the password era is quickly fading.
