In a groundbreaking move towards a future without passwords, Microsoft has announced that new users will now create accounts using more secure authentication methods, such as passkeys, push notifications, and security keys, eliminating the need for traditional passwords. This significant shift comes after years of Microsoft promoting password-free login to Windows, allowing users to completely remove passwords from their accounts. According to the company, new accounts will be "free of passwords by default," marking a radical change in digital security policies.
Microsoft stated, "As part of this user experience enhancement, we are changing the default behavior for new accounts. Users will no longer be required to create a password, but will have multiple options for logging in without one." This announcement coincided with the introduction of a newly designed login window, specifically tailored to facilitate a smoother experience using passkeys first. Existing users still have the option to delete their passwords from their account settings if they wish.
In conjunction with this initiative, Microsoft has also decided to rename "World Password Day" to "World Passkey Day," reaffirming its commitment to supporting this technology throughout the year. The company noted that around one million new passkeys are registered daily, with a login success rate of 98% using passkeys compared to just 32% for traditional password-based accounts.
Passkeys represent a modern and secure method for logging into applications and websites, utilizing biometric authentication methods such as fingerprint recognition, facial recognition, or a PIN instead of relying on the traditional username and password combination. This change aims to enhance security and streamline the login process, as Microsoft continues to push for a password-free future.
In recent years, Microsoft has been gradually steering towards this password-less future. Back in 2021, the company introduced password removal options for Microsoft accounts, and earlier this year, they simplified the login experience with a focus on security without passwords through what they call "passkey pathways." Many experts agree that passwords are often weak and provide little defense against hackers. On the other hand, passkeys are automatically generated credentials that cannot be intercepted or stolen, and they require no memorization from users.
Starting May 1, 2025, anyone creating a new Microsoft account will be directed to a password-free login experience. This announcement was made during "World Passkey Day," highlighting Microsoft's intention to replace passwords with passkeys as soon as possible. In a blog post, Microsoft elaborated, "New accounts will be password-free by default: As part of this simplified UX, we are changing the default behavior for new accounts. Microsoft’s new accounts will be branded as 'password-free by default.' Users will have several password-free options to sign into their accounts and will never need to set a password."
Current users can still use passwords with their Microsoft accounts, although Microsoft repeatedly emphasizes passkeys as a more secure alternative. The company is also improving the login interface for passkeys, aiming to make the transition seamless. However, Microsoft will not force users to switch to passkeys just yet.
Microsoft also stated, "We are making it easier to log in without a password: Instead of displaying all possible login methods, we automatically suggest the best available method for your account and set it as the default. For example, if you have both a password and a one-time code set up on your account, we will prompt you to log in using the one-time code instead of your password. After logging in, you will be prompted to set up a passkey. Then, the next time you log in, you will be prompted to log in using your passkey." This streamlined experience is designed to make users sign in faster, and in their trials, Microsoft found that it reduced password use by over 20%.
As more people adopt passkeys, the number of password authentications will continue to decline until Microsoft can eventually eliminate password support altogether. If you feel confused, skeptical, or hesitant about passkeys, you are not alone. However, Microsoft reassures users that it is easier and more convenient than they might think. Once you create your first passkey, you will likely find it to be a more user-friendly option.
What exactly are passkeys? Passkeys replace traditional passwords with verification methods that are already integrated into your device, such as Face ID on iPhones, fingerprint sensors on Android devices, or Windows Hello on computers. This technology is built on the WebAuthn standard, where two keys are generated: one is stored with the website or service, and the other (the private key) remains securely on your device for identity verification.
But what happens if the device is lost or damaged? Fortunately, passkeys are designed to work across multiple devices and can be recovered through a phone number or email, or by using a physical security key if available. Password managers from Apple and Google already support these keys, along with other password managers like 1Password and Dashlane, which have even launched guides listing websites that support passkey logins.
As Microsoft moves forward with this initiative, it is clear that the company is committed to enhancing user security and simplifying the login process. By removing passwords from new accounts and promoting the use of passkeys, Microsoft is not only addressing the vulnerabilities associated with traditional passwords but also paving the way for a more secure digital future.
