Microsoft pushes users to ditch passwords for passkeys amid security surge

In a significant move aimed at enhancing security for its users, Microsoft has announced a dramatic shift away from the traditional use of passwords, strongly encouraging its billion user base to eliminate passwords in favor of passkeys. This announcement marks the end of what Microsoft calls the 'password era,' which has become increasingly vulnerable to account attacks. The company's warning comes with a 72-hour deadline for users to act, signaling the urgency of this transition in response to the rising risk of phishing and other cyber threats. The Authenticator app will continue to support passkeys, emphasizing its role in this new security strategy. Users are advised not to merely transfer their passwords but to replace them entirely with passkeys wherever supported. This development reflects a broader trend among major tech companies, including Google and Amazon, who are similarly urging their users to embrace passkey technologies to fortify their accounts. Microsoft has already discontinued the autofill password feature, indicating a firm commitment to this new direction. The company warns that even if users continue to possess both passkeys and passwords, they remain at risk; thus, the ultimate goal is to completely phase out passwords and create accounts that exclusively rely on phishing-resistant credentials. As users adapt to this change, the risks associated with browser-based password management are also highlighted, suggesting that standalone password management solutions may offer greater security. The timeline for users to transition is short, and the urgency of the situation is evidenced by the collective warnings from Microsoft and other major firms urging users to prioritize security through the utilization of passkeys.