Microsoft did support passkeys, but did not let you log in to its own services with them. That is now changing.
May 2 is World Password Day, and on this occasion several tech companies are focusing on security on the internet. It turned out to be an excellent moment for Google to talk about one future without passwords to have. Microsoft also followed suit and immediately took action word: users can now log in to their Microsoft account with passkeys, and therefore without a password. For the time being, the support only applies to personal Microsoft accounts, and not to business users.
Microsoft has been offering options to log in without a password since 2021. As a result, you have been able to log in for a long time without first entering a password using the Microsoft Authenticator app. To do this, you still had to get the Authenticator app and enter a code. That is now also a thing of the past: passkeys work much faster, and you as a user have to put in less effort.
How do passkeys work?
When you first try to log in with a passkey, that special key will be created for you. That key is stored encrypted on your device. That way, no one except yourself can get that key. That key remains secret: the websites you try to log in to will not see it.
Instead, a hash function is performed on that key. This makes it impossible for hackers to determine what the original key is, but extremely easy for websites to determine whether everything is correct. The website itself has a database with so-called ‘hashes’. Does the hash of your passkey appear in that database? Then you will get access to the website. Because it is impossible to trace that hash to a passkey, this is a very safe login method.
For users, passkeys are not only interesting because they are secure, but also because they are so easy to use. On Windows devices you can unlock passkeys with a PIN code, with a fingerprint or with a facial scan via Windows Hello. This was already possible for various services, but not yet for Microsoft itself.
That is now changing. To create a passkey for your Windows device yourself, you can click on this link. Please note: passkeys are always device-specific. So just because you have created such a passkey on your smartphone does not mean it will also work on your laptop. It is therefore a good idea to immediately create such a passkey on multiple devices.