Microsoft has made a significant change to its user authentication system by making all newly created accounts passwordless by default. The update forms part of a broader effort to encourage global adoption of passkeys and coincides with the first-ever “World Passkey Day”, established by the FIDO Alliance and supported by dozens of technology companies.
Users setting up a new Microsoft account will now be able to sign in without creating a password, using biometric options such as facial recognition, fingerprint scans, or a PIN. Existing users can remove their passwords manually via their account settings.
Industry collaboration on passkey adoption
The decision follows Microsoft’s signing of the Passkey Pledge, a commitment to accelerate the transition away from passwords towards more secure, phishing-resistant authentication methods. Microsoft has worked with the FIDO Alliance and major platform providers to expand passkey compatibility across apps and websites.
According to Microsoft, passkeys are more secure and user-friendly than traditional passwords. They allow users to authenticate with local device credentials and eliminate the risk of phishing or brute force attacks. Hundreds of websites already support passkey authentication, enabling secure access to billions of accounts.
Joy Chik, president of Identity & Network Access, and Vasu Jakkal, corporate vice president of Microsoft Security, noted that this shift builds on Microsoft’s earlier developments such as Windows Hello, which introduced biometric sign-ins a decade ago. The company states that over 99% of users signing into Windows devices with Microsoft accounts already use passwordless methods.
Microsoft introduced passkey support across consumer services like Xbox and Copilot in 2024. Since then, the company reports that nearly one million new passkeys are being registered each day. Internal data shows that users signing in with passkeys are nearly three times more successful than those using passwords, with passkey login success rates reaching 98%. Sign-in speeds are also significantly faster.
Alongside the passwordless transition, Microsoft has launched a simplified user interface that prioritises non-password methods during account setup and login. The platform now detects the most secure available sign-in method and defaults to it, further reducing password use. Early testing has shown that this change has reduced reliance on passwords by over 20%.
The shift comes amid a surge in cyberattacks targeting traditional credentials. Microsoft observed approximately 7,000 password-based attacks per second in 2024, which is more than double the previous year’s rate, thereby highlighting the need for alternatives.
While more than 15 billion accounts globally are already compatible with passkey login, Microsoft indicated that continued adoption will be required to phase out passwords entirely. Redmond is encouraging users to begin transitioning by enabling passkeys on at least one account.
Recently, Microsoft rolled out the Recall AI feature for users of Windows 11 Copilot+ PCs, following an extended delay prompted by security-related concerns. The feature is now included in the latest Windows update, signifying its transition out of the beta stage.
Read more: Microsoft releases Recall AI feature following delay over security concerns
