Microsoft's new "passwordless by default" is great but comes at a cost
a year ago
- #Microsoft
- #security
- #passwordless
- Microsoft is making passwordless logins the default for new accounts.
- Passkeys are being promoted as the new alternative to passwords, developed by major tech companies under the FIDO Alliance.
- Existing users will be prompted to enroll a passkey upon their next login.
- Passwords are costly and problematic, leading to weak security choices and breaches.
- Password spraying attacks have become more effective in breaching networks.
- Users must install Microsoft Authenticator to go fully passwordless, with other authenticator apps being incompatible.
- Without Microsoft Authenticator, users cannot remove their login passwords, undermining passkey security benefits.