Adapted by:
Javier Márquez
WriterI've been in media for over a decade, but I've been marveling at the possibilities that technology brings us much longer. I believe we live in a world where the digital revolution is changing everything and that Xataka is the best place to write about it.
Alba Mora
WriterAn established tech journalist, I entered the world of consumer tech by chance in 2018. In my writing and translating career, I've also covered a diverse range of topics, including entertainment, travel, science, and the economy.
Passwords have been essential to our digital lives for decades, but their dominance is fading. This decline isn’t just due to the security risks of relying solely on passwords. Passkeys are a more modern, effective, and user-friendly alternative. Microsoft recently made a significant move toward making this the new standard.
Creating an account without a password. Anyone can create a Microsoft account without setting a password. This isn’t a secondary option but the new default method, and the process is incredibly straightforward.
To create an account without a password, visit account.microsoft.com, click Sign in, and then select Create one! You’ll be asked for an email address for verification purposes. After entering the verification code sent to that email, you can choose to sign in with your face, fingerprint, or PIN.
There are no complicated password fields or arbitrary requirements. Once you complete this process, a passkey is generated and stored automatically in your device manager, like iCloud Keychain for Safari, or directly in the browser using Edge or Chrome.
Passkeys at the center. This change is part of a larger strategy developed by Microsoft in collaboration with the FIDO Alliance and other prominent tech companies. Passkeys are cryptographic keys based on open standards, designed to provide faster, more secure, and phishing-resistant access. Instead of storing a password on a server, only a public key is kept. The private key, which authenticates the user, remains on the user’s device and is never shared.
Thanks to this design, passkeys eliminate traditional attack vectors. There’s nothing to intercept, steal, or guess. The best part is that passkeys work with a single action: unlocking the device, just as you do every day.
What Microsoft says. The company claims that nearly one million passkeys are registered daily across its services. Internal figures support this claim. Users who sign in with a passkey have a 98% success rate, compared to 32% for those using passwords and two-step verification. Moreover, logging in with a passkey is reportedly up to eight times faster.
“We believe that great usability and great security go hand in hand,” Microsoft says. In fact, the company’s new registration and sign-in process prioritizes passwordless options. If a user already has a passkey or an alternative authentication method set up, the system will use it by default, with the traditional password presented only as a last resort. This approach has reduced password use by more than 20% in internal tests.
Transition is underway. This isn’t an immediate end to passwords, but rather the beginning of their decline. Although Microsoft allows for the continued use of passwords on existing accounts, it encourages users to remove them from their settings. Simultaneously, the company is working to minimize password use at every login.
However, the convenience of passkeys shouldn’t overshadow an important point. Users need to be aware of where and how they store their passkeys. If all synchronized devices are lost, recovery options must be configured (if available in the chosen service).
A response to rising cyberattacks. The tech industry is evolving in response to increasing threats. According to Microsoft, password-based attacks exceeded 7,000 attempts per second in 2024, more than double the rate from the year before. As passkeys gain traction, attackers are shifting their focus back to traditional methods.
The FIDO Alliance estimates that more than 15 billion accounts may already use passkeys instead of passwords. However, there’s still more work to be done. Adoption is rising rapidly, with companies such as Google, PayPal, Shopify, and Yahoo! Japan implementing these passkeys in their systems.
A new era. Passkeys represent more than just a technical advancement. They signify a cultural shift in how users understand digital security. Despite a more seamless experience, there are still improvements to be made. With Microsoft leading the charge, an era without passwords seems closer than ever.
Image | Microsoft
View 0 comments