Microsoft to Introduce Third-Party Passkey Support in Windows 11 for Seamless Passwordless Authentication
Microsoft is expanding passkey support in Windows 11 to enable passwordless authentication with third-party services.
Published: Oct 16, 2024
Key Takeaways:
- Microsoft is expanding passkey support in Windows 11, integrating with third-party services like 1Password and Bitwarden to offer more secure, passwordless authentication options.
- Passkeys, secured through biometrics or PINs, provide stronger protection against phishing attacks and data breaches.
- A redesigned Windows Hello experience will streamline the creation, saving, and usage of passkeys.
Microsoft has announced that it’s expanding support for passkeys in Windows 11. The company has updated the Windows 11 API to support third-party passkey authentication services, including 1Password and Bitwarden.
Passkeys are a modern authentication method designed to replace traditional passwords with a more secure alternative. They use cryptographic keys stored securely on a user’s device for authentication. Customers can use passkeys with biometric authentication (such as face recognition or fingerprint) or a device PIN. Passkeys are resistant to phishing attacks and data breaches because private keys can’t be intercepted or stolen.
Microsoft has outlined several improvements to enhance passwordless authentication in Windows 11, including support for third-party passkeys. This new feature will allow users to authenticate on their PCs using the same passkey they created on their mobile devices.
Enhanced Windows Hello passkey experience coming to Windows Hello PCs
Additionally, Microsoft has redesigned the Windows Hello experience, making it simpler for Windows 11 users to create, save, and manage passkeys. When visiting a website that supports passkeys, users will be prompted to easily set one up using their Microsoft account and Windows Hello.
“As a user, you can navigate to a website that supports passkeys and get prompted to select how you want to save your passkeys. You will be asked to complete a one-time setup with your Microsoft account, and you will be prompted to save a recovery key that will be used to verify your identity and protect your passkeys through end-to-end encryption,” Microsoft explained.
Once a passkey is created, users can authenticate across multiple Windows 11 PCs using facial recognition, fingerprint, or a PIN. All passkeys are secured with end-to-end encryption and protected by Windows 11’s Trusted Platform Module (TPM).
Microsoft plans to test these new passkey features with Windows Insiders in the coming months. The company will keep listening to feedback to improve this new passkey experience before it becomes generally available for all Windows 11 users.
In recent years, Microsoft has advocated for passwordless authentication methods like Windows Hello and multifactor authentication (MFA). It’s great to see the company now taking a collaborative approach to expand passkey support in order to offer a more secure login experience on Windows 11 PCs.
In related news, the FIDO Alliance has recently published new specifications that will allow users to import and export passkeys. The draft of the specifications introduces the Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF) to standardize the transfer of various credentials, including passkeys, between different credential managers.