Microsoft is hoping to get more users to abandon insecure passwords with an improved authentication sign-up and sign-in experience.
Published: Apr 07, 2025
Old habits die hard, and Microsoft’s efforts to get users and organizations to adopt passwordless authentication have been a slow burn. At last week’s Secure 2025 event, Microsoft announced that it’s hoping to encourage more users to choose passwordless authentication by improving the Microsoft Account login experience. Here’s what we found out.
Microsoft and other big players, like Google and Apple, are trying to persuade users to ditch insecure passwords and to move to a passwordless future. At Microsoft Secure 2025, a new authentication experience for Microsoft Accounts was revealed. At this stage, it’s only for consumers. But Microsoft said that if this goes well, then the changes will roll out to Microsoft work and school accounts.
Passwordless authentication allows users to authenticate with a biometric gesture, like facial recognition or a fingerprint. If you don’t have the right hardware, then a PIN code can be used instead.
What exactly is changing? Microsoft says that the steps for the sign-in and the sign-up process have been reordered for a more logical flow. They’re going to encourage passwordless right from the start of the sign-up process. Rather than asking users to set a password as the first step, users will need to confirm their email address right at the beginning to make sure accounts are recoverable and prepared for passwordless.
There are some design changes as well in terms of the way that the experience looks. The login box is now customized according to your local device themes. Whether you’re in light mode or dark mode, the login will be adjusted accordingly.
Branding has been improved so users are in no doubt that this login is a Microsoft feature. Microsoft is stamped all over it to give users confidence they’re dealing with a trusted entity.
If you’ve used the multi-factor authentication and passwordless setup process that exists today, you’ll know that it’s not the most logical or intuitive experience. Even IT Pros might struggle considering the current design.
Microsoft is working to simplify the process. Once users have verified their email address with a code, they can easily enroll a passkey on the device because the email verification ensures the account is always secure and recoverable. And as I found out late last year as I tried to recover my Apple ID, that’s an important step.
If you don’t have a recovery method in place for an account, it can be a problem to regain access. Setting up a recovery method should be a default action when enabling advanced security features like multifactor and passwordless. Microsoft is making sure that’s in place right from the get-go.
Once users have gone through the initial setup process, by default they will be invited to create a passkey. Microsoft will still allow users to create a password, but it will try to persuade them that a passkey is a more secure alternative.
Microsoft commonly tests features destined for commercial customers on consumers, much like it is testing Copilot+ PCs with consumers first and holding off pushing them to commercial customers until the experience is more refined.
The new authentication and sign-up experience is coming to consumer Microsoft Accounts, Windows, Xbox, and Microsoft 365 initially. It will affect over 1 billion users, so it will be important for getting more people off insecure passwords. Passwordless authentication promises to significantly improve security, and as Microsoft tweaks the sign-up process based on feedback, it can perfect it for corporate users.