Microsoft and Google Bring Passkey Access to Many More Users

Why Trust Techopedia
Key Takeaways

  • Microsoft is now making passkeys available to all consumer accounts.
  • Google is also expanding passkeys to high-risk users.
  • Both promise more secure alternatives to passwords.

Microsoft and Google have marked World Password Day by expanding passkey access to more people, helping to get rid of passwords altogether.

Microsoft has made passkey support broadly available to consumer accounts. While it was already present in Windows 11, you now have the option for Microsoft 365 and Copilot AI for both desktop and mobile web browsers. The mobile versions of Microsoft’s apps will support passkeys in the “coming weeks,” the company said.

You’ll need to enable a passkey on your Microsoft account by configuring the sign-in options and choosing “Face, fingerprint, PIN, or security key.” Once configured, you won’t have to type in a password or turn to an authenticator app for a code. Workers can use keys if Entra ID is set to accept them through physical keys or the Authenticator app.

Google, meanwhile, has expanded passkey access to members of its Advanced Protection Program. Politicians, journalists, and other high-risk targets can now use other passkeys beyond hardware security keys, whether by themselves or alongside passwords.

The approach remains familiar. Google and Microsoft passkey support relies on a cryptographic key par: one key on your device, and another linked to the relevant app or website. As you need both keys to get in, it’s harder for phishing campaigns to succeed — they can’t offer the counterpart key.

A passkey is also more private, as it doesn’t share biometric or PIN data beyond your device.  They’re frequently more convenient as they can sync across hardware, easing the setup process for a new system.

Passwords are still widespread, and remain a security issue. Microsoft pointed out that its identity systems now spot over 4,000 password attacks per second, and browsers like Chrome now routinely warn if passwords have been compromised. However, the Microsoft and Google passkey expansions could go some way toward reducing the reliance on classic sign-in methods.