Microsoft phases out passwords for over a billion users
- Microsoft is facing an increase in password-related cyber attacks, blocking 7,000 attacks per second.
- To combat this, the company is encouraging the use of passkeys as a more secure authentication method.
- Microsoft aims to eliminate passwords completely for over a billion users, enhancing security against phishing.
Microsoft is implementing a strategy to phase out passwords for more than a billion users, motivated by increasing password-related attacks. The company highlights that it blocks approximately 7,000 password attacks per second, a figure that has almost doubled in a year. This rise in attacks coincides with the growing risk posed by generative artificial intelligence, which allows even inexperienced individuals to carry out sophisticated phishing scams without coding skills. Microsoft identifies passkeys as a more secure alternative, designed to authenticate users via their hardware device rather than relying on passwords that can be compromised. As a part of this initiative, Microsoft emphasizes that maintaining both a passkey and a password for an account can leave it vulnerable for phishing attacks. Microsoft warns users that phishing tactics are evolving alongside advancements in AI technology. Current practices still facilitate credential theft, especially when hackers trick users into providing their usernames and passwords. To protect accounts, Microsoft encourages users to adopt passkeys, which cannot be stolen, copied, or bypassed, unlike traditional password systems. The company has launched campaigns to educate users on the transition to a password-free experience. They aim to guide individuals through the process of setting up passkeys, reinforcing the necessity and urgency of adopting this newer technology. They have stated that many individuals have already deleted their passwords, successfully shielding themselves from password-related threats. The push against password usage aligns with industry trends where companies seek to enhance digital security practices through stronger authentication measures. In essence, Microsoft is proactively working toward eliminating passwords in favor of credentialing methods that resist phishing. This move not only aims to enhance user security but also responds to the dramatic increase in cyber attacks associated with passwords. The company's efforts represent an important shift in the cyber landscape, as guardians of personal data work to stay ahead of those seeking to exploit vulnerabilities.