After launching passkey authentication on Windows 11 last September, but only for professional accounts, Microsoft is preparing to generalize it to all its users. The Redmond firm announced on May 2 that support for these passkeys is already effective for web applications, including Microsoft 365 and Copilot, as well as for Bing on mobile. “Passkey login support for mobile apps will follow in the coming weeks”Microsoft said.
The passkey, sometimes called an “access key” or “identification key”, allows a user to log in without a password. During authentication, the latter generates a unique key linked to a factor to which only it has access: most often, it is biometrics, such as fingerprint or facial recognition, but it can also be a code PIN or security key. This requires a smartphone. For web applications, Microsoft offers these four options.
Advertisement
Compared to a traditional password, passkeys are unique codes, therefore much more robust because they are difficult to guess, but also to exploit in the event of compromise since they expire immediately. The private key contained in the passkey is also not hosted on the servers, and therefore cannot be distributed in the event of a data leak. Finally, these passkeys are more resistant to phishing attacks. Last year, Apple introduced it for its Apple ID accounts. Google did the same, and announced today that it had exceeded 400 million accounts using this method, with more than a billion authentications by passkey to date.
Selected for you