Microsoft enables passkeys for all consumer accounts

Microsoft passkeys setup processImage: Microsoft

For World Password Day, Microsoft is doing something I can appreciate: helping get rid of them. Today, the company said that all Microsoft consumer accounts will be passkey enabled. Adios, passwords!

What’s a passkey? It replaces passwords by combining something you have (such as a phone, a physical security key, or your password manager) with either something you know (a PIN number) or something you are, using biometric security. On Windows, that means using a fingerprint reader or webcam with Windows Hello.

“Starting today, you can use a passkey to sign in to Microsoft apps and websites, including Microsoft 365 and Copilot on desktop and mobile browsers,” Microsoft said in a blog post. You’ll be able to log into mobile Microsoft apps in the coming weeks.

I love passkeys. Windows Hello was one of the best additions ever made to Windows, and most people are now accustomed to unlocking their phone or PC with their fingerprint or face. (A PIN, assuming you’ve set one up, serves as a backup in case your device doesn’t recognize you.)

To set up passkeys on your Windows device, you can follow this Microsoft-supplied link. You’ll need to log in using an existing authentication method, such as your password or Microsoft authenticator. But the setup process links Windows Hello to your Microsoft account, so you should be able to log in to your Microsoft account page, Outlook on the Web, and so on.

The only catch, if it truly is one, is that you must set up a passkey for each device you own. One part of passkey authentication remains on the app or site that you’re trying to log in to; the other part remains on your device. Both are needed to unlock your data. It’s a little less convenient than a single password that can be stored in the cloud or in one of our recommended password managers, but requiring two keys, rather than one, is more secure. Migrating passkeys from PC to PC isn’t something that’s currently available.

If you’re a business user — or, like some of us, straddle a work and personal environment — you’ll need to ask your IT department to enable passkeys for corporate devices. Microsoft uses its Entra ID technology to manage this.

Tying the entirety of your personal life to your face or fingerprint does carry some risks, especially if you’re incapacitated for some reason and someone tries to take advantage. But for most people, in most situations, passkeys seem like an easy, secure, authentication method that I’d like to see more of.

Further reading: I’m ditching my passwords—and you should too

As PCWorld’s senior editor, Mark focuses on Microsoft news and chip technology, among other beats. He has formerly written for PCMag, BYTE, Slashdot, eWEEK, and ReadWrite.

Recent stories by Mark Hachman:

Microsoft’s Copilot AI is stealing one of Midjourney’s best featuresMore workers are using AI, but they’re ashamed to admit itMicrosoft says it’s pausing Windows Copilot UI tests

Leave a Response