No need to memorize passwords, logging into Microsoft 365 and other services just got easier.
All Microsoft accounts now support passkey sign-in. This gives users a more convenient way to access Microsoft services and paves the way for increased login security across Microsoft's portfolio.
In the future, you won't need to memorize passwords. You'll simply use passkeys to log into every account. When you join an app or website, it will generate a special "secret key" that stays on your phone or laptop. This key corresponds to a "public key" that's kept by the app or website. When the keys are joined together, your identify is verified, and you're allowed to log in.
Passkeys are incredibly convenient. Instead of entering a username and password for each website, you essentially use your phone or laptop to verify your identity. And, more importantly, the passwordless future will increase our security. If a website falls victim to a data breach, the hackers will only walk away with useless public keys. A hacker who wants your secret keys needs direct access to your phone or laptop—you don't even know your secret keys, so you can't be tricked into sharing them with scammers or fraudulent websites.
This isn't some niche Microsoft-only thing, either. Passkeys were designed by FIDO in collaboration dozens of big-name tech companies, such as Apple. In time, passkeys will become the standard login method across all large apps and websites.
"Today, you can use a passkey to sign in to Microsoft apps and websites, including Microsoft 365 and Copilot on desktop and mobile browsers. Support for signing into mobile versions of Microsoft applications using your passkey will follow in the coming weeks."
Microsoft added a passkey management suite to Windows 11 earlier this year. Other major players, including Apple and Google, have done the same for their respective operating systems.
To generate a passkey for your Microsoft account, log in and open Advanced Security Options. Then, select "Add a new way to sign in or verify." Microsoft will provide a few options for passkey sign-in (fingerprint, PIN, face) and guide you through the rest of the passkey-creation process (which is very quick and painless).
All modern operating systems, including Windows, macOS, Android, and iOS, contain an integrated passkey manager. The passkey you create for your Microsoft account will be saved to your device's passkey manager. Note that some password management services (such as 1Password and Proton Pass) can save and sync your passkeys between multiple devices, which can save you the trouble of generating a unique passkey for your phone, computer, and so on.
For reference, you can still log into your Microsoft account with a username and password after setting up a passkey. We're still in the transitional period; passkeys will coexist with passwords for some time. Of course, this means that the security benefits that are promised by passkeys haven't been fully realized. Using passkeys in 2024 is mainly an act of convenience—you can log in quickly without memorizing a password, and you'll be ahead of the curve when passkeys finally replace passwords.
Source: Microsoft