Microsoft is making significant strides in pushing the industry towards passwordless logins, announcing that new accounts will automatically use passkeys as the default sign-in method. The company’s initiative aims to eliminate costly security problems caused by traditional passwords. Passkeys, developed under the FIDO Alliance coordination with major tech giants like Google, Apple, and Microsoft, are considered a safer alternative.
By setting passkeys as the default for new users, Microsoft is tackling the age-old problem of weak password choices and reused credentials. Leaked passwords have also become a significant concern, while attacks like password spraying have grown increasingly effective in breaching sensitive networks.
However, some users will be inconvenienced by Microsoft’s decision to make the Microsoft Authenticator app installation mandatory for full passwordless functionality. Existing users without the app won’t be able to transition away from passwords until they install it. This may undermine the “passwordless by default” marketing message and hinder the adoption of passkeys as a primary security method.
Source: https://arstechnica.com/security/2025/05/microsoft-pushes-unphishable-logins-forward-with-new-sign-in-options