Microsoft is taking a significant step toward eliminating passwords by introducing passkeys for Windows, a move aimed at bolstering security for businesses against the growing threat of phishing attacks. The company is integrating this passwordless authentication method into its Entra ID registration campaigns, allowing users to log in with biometric data or PINs instead of managing complex passwords.
According to reports, the feature is already available in preview. Microsoft Entra passkeys work in tandem with Windows Hello, utilizing cryptographic keys that remain stored on the user's device. This approach not only simplifies IT security by removing the need for manual password management but also enhances protection against identity theft. Microsoft has confirmed plans to automatically activate passkey profiles starting in March.
The rollout comes at a critical time as cyberattacks on corporate networks continue to rise, with phishing remaining one of the most prevalent threats. Passkeys are considered more resistant to such attacks because they cannot be intercepted or shared, offering a robust defense mechanism.
In parallel, Microsoft is phasing out one-time passcode authentication, doubling down on modern security technologies. The integration into existing Windows systems is designed to be seamless, minimizing disruption for users and IT administrators alike. For IT teams, this shift reduces the burden of password resets and security training, while users benefit from a simpler yet more secure login process.
The technology is based on the FIDO2 standard, which is already supported by many other providers. Microsoft is currently testing passkeys in real-world scenarios, with early feedback indicating that the transition is relatively straightforward for businesses. Configuration is reported to be simple, according to sources within the industry.
In the long term, this initiative could signal the end of traditional passwords in corporate environments. Microsoft is accelerating a trend that has already gained traction in consumer services, placing the security of enterprise data at the forefront of modern authentication strategies. By adopting passkeys, companies can streamline their security protocols while fortifying defenses against evolving cyber threats.
