Here is a summary of the main points from the Business Standard article detailing Microsoft’s move to password-free accounts:
What’s Changing?
Effective Date: Starting May 1, 2025, all new Microsoft accounts will be created without a traditional password by default.
Passwordless Options: Users will be prompted to use more secure alternatives—like passkeys—relying on face, fingerprint, or PIN authentication.
No Password Setup: Users won’t be asked to create a password when setting up a new Microsoft account.
Smarter Sign-In: Microsoft is rolling out a new sign-in experience that will automatically guide users to the most secure method available (favoring passwordless sign-in).
What is a Passkey?
A passkey is a cryptographic key pair (public and private key).
The public key is stored by Microsoft, the private key remains secured on your device.
You authenticate by using your device’s security features (e.g., Windows Hello, Face ID, fingerprint scan).
Passkeys are based on WebAuthn standards and work across devices.
If you lose your device, you can restore access via cloud-backed methods like iCloud Keychain or Google Password Manager.
Additional Details:
Visual Revamp: Microsoft updated the look of its sign-in/sign-up process, making it cleaner and more focused on passwordless security.
Existing Users: Current account holders can opt-in for passwordless sign-in by removing passwords from their settings.
As more users move to passkeys, passwords could eventually be phased out entirely.
Why this Matters
Passwords are a common weak point in security, being susceptible to theft or phishing.
Passkeys and passwordless logins are more secure and reduce the risk of unauthorized access.