Microsoft has implemented a new security system called passkeys in all user accounts, allowing users to use these keys to access the technology company’s applications and websites.
The company that created Windows has stated that passwords alone “are not enough” to safeguard users’ digital information, as more than 4,000 password attacks still occur per second, a persistent threat due to their proven effectiveness.
With the aim of moving towards a world without passwords, Microsoft has announced the integration of access keys in all user accounts, thus offering a more efficient and faster method to log in to digital services, especially when accessed from multiple devices.
Starting this week, users have the option to use a passcode to authenticate to their Microsoft account using facial recognition, a fingerprint, or a device PIN on platforms such as Windows, Google, and Apple, as reported by the company through its official blog.
Additionally, users have the ability to generate a passkey to sign in to Microsoft apps and websites, such as Microsoft 365 and Copilot, on both desktop and mobile browsers.
The passkey system is based on the use of two unique keys to access an account: one of them is stored securely on the device, protected by biometric data or a PIN, while the other key remains in the application or site website for which the access key has been created.
As the company explains, “both parts of the key pair are needed to log in,” which ensures stronger protection, especially against phishing attacks. Since this key combination is unique, the access key will only be valid for the specific website or application for which it was created, thus avoiding the possibility of being tricked into logging into a malicious website.
