I Replaced My Microsoft Account Password With A Passkey - And You Should, Too

Trending 1 month ago
  1. Home
  2. Tech
  3. I Replaced My Microsoft Account Password With A Passkey - And You Should, Too
passkey concept
SEAN GLADWELL/Getty Images

These days, I'm very celebrated successful Russia, Ukraine, Moldova, Bosnia-Herzegovina, and moreover Albania. At least, that's what it looks for illustration based connected this database of caller attempts to motion successful to my Microsoft account. (It's disposable for immoderate Microsoft relationship astatine this guidance page: https://account.microsoft.com. After signing in, click Security and past click "View my sign-in activity.")

unsuccessful-msa-attempts

What these attackers don't cognize is that each password is incorrect for this passwordless account.  

Screenshot by Ed Bott/ZDNET

In my case, those hopeless hackers are wasting their time. They tin effort each operation of letters, numbers, and symbols successful each alphabet known to humanity, moreover if it takes until nan extremity of nan universe, and they will ne'er conjecture nan password for my Microsoft account.

Also: 10 passkey endurance tips: Prepare for your passwordless early now

Why americium I truthful confident? Because, agelong ago, I chose nan action to make that relationship passwordless, replacing nan password pinch a passkey that allows maine to entree nan services connected to my Microsoft relationship utilizing biometrics aliases a instrumentality PIN connected my Windows PC. If immoderate alien wants to motion successful to my relationship connected a caller device, they'll person to person maine to o.k. that sign-in utilizing a instrumentality I've already group up. (Sorry, Ivan, I say nyet to unsolicited requests from Russia.)

Should you move from password to passkey?

Microsoft wants you to do conscionable for illustration I did and ditch your password. Earlier this year, nan institution rolled retired a caller personification acquisition that is "optimized for a passwordless and passkey-first experience." These caller features tin beryllium utilized pinch immoderate free Microsoft relationship but aren't disposable pinch Entra ID accounts that are utilized for Microsoft 365 Business and Enterprise subscriptions and to motion successful to firm networks.

Also: The champion VPN services (and really to take nan correct 1 for you)

So, should you do it? For astir people, nan reply is yes. Removing your password dramatically increases nan information of your Microsoft relationship and makes it acold much resistant to phishing attacks. Once you've removed your password, nan only measurement to motion successful to a instrumentality is by proving your personality utilizing passkeys tied to biometrics (fingerprint aliases look recognition), hardware information keys, aliases syncable passkeys saved successful a password manager. You besides person nan action to respond to a push notification connected a trusted device, arsenic shown here.

authenticator-sign-in-option

The default method for signing successful to a passwordless Microsoft relationship is pinch an Authenticator app connected a instrumentality you own.

Screenshot by Ed Bott/ZDNET

The only method logic not to make this alteration is if you usage aged apps aliases hardware devices that don't support modern authentication methods: Office 2010 aliases earlier; Office for Mac 2011 aliases earlier; Xbox 360; aliases a PC moving Windows 8.1 aliases earlier. You'll besides tally into problems if you usage nan Remote Desktop characteristic to link to different PC utilizing your Microsoft account.

Also: How I easy group up passkeys done my password manager

Going passwordless is not a measurement you return casually. Along pinch that other information comes an accrued consequence that you'll fastener yourself retired of your account. You tin mitigate that consequence by making judge you person aggregate unafraid ways to entree your relationship earlier you region your password.

Ready to get started? Let's go. Oh, and do not skip Step 5.

Step 1: Check your existent information settings

Go to your Microsoft relationship guidance page at https://account.microsoft.com and motion successful utilizing your password. Click nan Security tab and past click "Manage really I motion in." That should unfastened a page for illustration nan 1 shown here:

microsoft-account-security-page

Add astatine slightest 2 ways to beryllium who you are. An Authenticator app and an email reside are your champion choices. 

Screenshot by Ed Bott/ZDNET

This is an relationship I created for trial purposes. It has a password, and I've added an email reside to beryllium utilized for verification purposes. Note nan 2 options nether nan "Additional security" heading -- Passwordless relationship and Two-step verification -- are some off.

Click "Add a caller measurement to motion successful aliases verify." That opens nan page shown here:

add-a-new-way-to-sign-in

Use nan 2nd action to group up nan Microsoft Authenticator app arsenic a measurement to motion in.

Screenshot by Ed Bott/ZDNET

Step 2: Set up an authenticator app connected your mobile device


Click nan mediate option, "Use an app." This gives you 2 choices. The Microsoft Authenticator app relies connected push notifications; you tin besides group up a classical Time-based One-Time Password (TOTP) authenticator and make six-digit codes you proviso connected request.

To usage nan Microsoft Authenticator, download and instal nan Microsoft Authenticator app connected your mobile instrumentality and past click Next to show a QR codification for illustration nan 1 shown here:

set-up-msa-authenticator

Scan this QR codification to group up your Microsoft relationship successful nan Authenticator app.

Screenshot by Ed Bott/ZDNET

Open nan Authenticator app connected your mobile device, click nan positive sign, and scan nan QR codification utilizing nan smartphone camera to adhd your caller account. The consequence should look thing for illustration this:

authenticator-setup-complete

After you make your relationship passwordless, nan Change Password action will disappear.

Screenshot by Ed Bott/ZDNET

If you'd for illustration to usage different TOTP app, specified arsenic Authy aliases Google Authenticator, click "Use an app." In nan "Set up nan Microsoft Authenticator" dialog, take nan action to group up a different Authenticator app. That produces a barroom codification that creates a modular 6-digit TOTP codification that you participate erstwhile you request to authenticate. Note that you tin usage this action pinch Microsoft Authenticator arsenic well. Choose nan action to group up a different app and past adhd nan relationship to Microsoft Authenticator utilizing nan supplied barcode. That will consequence successful 2 entries, 1 that uses notifications, nan different that uses TOTP codes.

You're not done yet. To support from being locked retired of your account, you'll request astatine slightest 2 different ways to motion in.

Step 3: Set up a passkey utilizing your PC aliases Mac

If your Windows PC aliases Mac support biometric authentication, you tin usage that method to create a device-bound passkey. Choose nan "Face, fingerprint, PIN, aliases information key" action to create a passkey that's tied to that biometric hardware, utilizing Windows Hello pinch look nickname aliases a fingerprint scholar connected a Windows PC, aliases an Apple iCloud Keychain passkey, utilizing Touch ID connected a MacBook. You tin besides usage this action pinch a USB information key.

After mounting it up, you'll motion successful utilizing a dialog for illustration this one.

sign-in-with-passkey

You tin motion successful to a Microsoft relationship utilizing a passkey tied to Windows Hello, utilizing your look aliases fingerprint

Screenshot by Ed Bott/ZDNET

If you person a PC moving nan latest merchandise of Windows 11, you tin usage Windows Hello to create and prevention passkeys for different sites and services arsenic well. For astir third-party sites, a passkey is an further replacement you tin usage alternatively of a password, not a complete replacement arsenic it is for a passwordless Microsoft account.

Step 4: Add astatine slightest 1 much backup authentication option

From nan dialog successful Step 1, take astatine slightest 1 of nan pursuing options arsenic an further sign-in method.

  • Click "Email a code" to participate an alternate email reside (not nan 1 tied to your Microsoft account!) wherever you tin person a code.
  • Click "Show much options" to show nan action to participate a telephone number wherever you tin person a codification via SMS. In summation to your individual phone, see adding a telephone number that belongs to your spouse aliases partner, which gives you an other replacement if your ain telephone is mislaid aliases stolen.
  • Select "Use an app" and group up a non-Microsoft authenticator app arsenic described successful Step 2. (Consider mounting up that app connected a telephone different than your superior phone, if possible.)
  • If your password head supports this feature, you tin besides create a syncable passkey that you tin usage connected immoderate instrumentality wherever you're signed successful utilizing that software. Dashlane, 1Password, and Bitwarden each support this feature.

Step 5: Create a betterment codification and prevention it successful a unafraid location

Do not skip this step! This is your "In lawsuit of emergency, break glass" option.

Go backmost to nan "Manage really I motion in" page from Step 1 and scroll each nan measurement to nan bottommost of nan page. Under nan "Recovery code" heading, click nan action to make a caller code. Print it retired and prevention nan codification successful a safe location. Consider sending a transcript via email to a trusted friend aliases family personnel who tin stash it distant successful lawsuit you request it.

If each other fails, this codification will make definite that you tin retrieve your account. 

Step 6: Turn connected nan passwordless option

You don't person to do this measurement correct away. All of nan passwordless options you group up (Authenticator app, passkeys, and truthful on) will activity correct away. Give yourself a week aliases 2 to make judge everything's moving arsenic expected. When you're ready, spell backmost to nan "Manage really I motion in" page, scroll to nan "Passwordless account" section, and move that action on.

More

Related Article

How To Choose The Best Tv For Gaming Right Now

How To Choose The Best Tv For Gaming Right Now

4 hours ago 4
A California Bill That Would Regulate Ai Companion Chatbots Is Close To Becoming Law

A California Bill That Would Regulate Ai Companion Chatbots Is Close To Becoming Law

6 hours ago 4
Perplexity Reportedly Raised $200m At $20b Valuation

Perplexity Reportedly Raised $200m At $20b Valuation

7 hours ago 4

Popular Article

The Best Wireless Headphones For 2025: Bluetooth Options For Every Budget

The Best Wireless Headphones For 2025: Bluetooth Options For Every Budget

1 month ago 414
New Travel Turmoil As American Airlines, United, Jetblue, And Avelo Slashing Flights And Routes – What You Need To Know

New Travel Turmoil As American Airlines, United, Jetblue, And Avelo Slashing Flights And Routes – What You Need To Know

1 month ago 261
American, Delta, Southwest And Alaska Connecting Chicago, Philadelphia, Raleigh-durham, San Diego, Santa Maria, Sun Valley With New Winter Airline Routes, Ballooning Us Travel Industry

American, Delta, Southwest And Alaska Connecting Chicago, Philadelphia, Raleigh-durham, San Diego, Santa Maria, Sun Valley With New Winter Airline Rou...

1 month ago 229
Thousands Of Air Canada Flights At Risk As Potential Strike Threat Set To Disrupt Global Travel

Thousands Of Air Canada Flights At Risk As Potential Strike Threat Set To Disrupt Global Travel

1 month ago 212
Google Is Experimenting With Machine-learning Powered Age Estimation Tech In The U.s.

Google Is Experimenting With Machine-learning Powered Age Estimation Tech In The U.s.

1 month ago 206
English (US) English (US) · Indonesian (ID) Indonesian (ID) ·
About Us · Contact Us · Terms & Conditions ·

©2025 Vokash.
All Rights Reserved.