Microsoft Sets Passkeys as Default, Plans Password Phase-Out

Laptop screen showing biometric login option replacing traditional password entry.

In a major move toward a passwordless future, Microsoft has begun setting passkeys as the default sign-in method for all new accounts as of May 1. Coinciding with World Password Day, the initiative reflects Microsoft’s broader commitment to replace traditional passwords with more secure and user-friendly methods like facial recognition, fingerprint scans, and PINs.

Although users have previously had alternative sign-in options, Microsoft is now making passwordless authentication the norm. New account holders will be guided through a seamless passkey sign-in experience. According to company executives Joy Chik and Vasu Jakkal, users logging in with passkeys are nearly three times more successful than those relying on passwords achieving a 98% success rate compared to just 32%.

Microsoft also revealed that 99% of Windows users already use Windows Hello, a biometric authentication system. This widespread adoption reinforces the company’s view that passkeys not only offer better security but are also more convenient. Because users no longer need to remember complex credentials, their experience improves while also reducing vulnerability to phishing attacks and data breaches.

Gradual Shift for Existing Users

Despite this push, existing Microsoft users can still log in with passwords. However, the company encourages switching by prompting users to adopt “the best available method,” often leading them toward biometric or PIN-based login. For instance, a user currently entering a password and a two-factor authentication (2FA) code may soon be guided to log in using only a biometric method.

Ultimately, Microsoft aims to transition all users to passkeys, ensuring stronger protection and ease of access across devices.

OpenAI Gears Up for August Release of GPT-5

Tech Giants Unite Behind FIDO Standards

Microsoft’s strategy is rooted in standards set by the FIDO Alliance and the World Wide Web Consortium. These standards support secure, phishing-resistant logins without relying on traditional passwords. Apple and Google have also joined this effort, confirming on May 5 that they will expand support for FIDO passkeys across platforms such as Chrome, ChromeOS, Android, and iOS.

Andrew Shikiar, executive director of the FIDO Alliance, emphasized the importance of collaboration. He noted that low-friction, FIDO-compliant systems can significantly improve global digital security. With Apple, Google, and Microsoft aligned, the password’s dominance may soon come to an end.