Saturday , May 3 2025
Passwordless

Microsoft New Accounts Go Passwordless By Default

infosecbulletin 7 hours ago Hot Topic

Microsoft is focusing on eliminating password-based authentication, promoting passwordless sign-in and sign-up methods instead. For the past decade, Microsoft has allowed users to sign in using facial recognition, fingerprints, or a PIN with Windows Hello. Now, over 99% of users use this method to access their Windows devices, according to the company.

To allow users to sign into accounts without passwords, the industry created passkeys. These provide phishing-resistant authentication for any compatible app or website.

TikTok fined €530 million for sending E.U. Data to China

By infosecbulletin / Friday , May 2 2025
Ireland's Data Protection Commission fined TikTok €530 million ($601 million) on Friday for violating data protection laws by transferring European...
Read More
TikTok fined €530 million for sending E.U. Data to China

Microsoft New Accounts Go Passwordless By Default

By infosecbulletin / Friday , May 2 2025
Microsoft is focusing on eliminating password-based authentication, promoting passwordless sign-in and sign-up methods instead. For the past decade, Microsoft has...
Read More
Microsoft New Accounts Go Passwordless By Default

SonicWall Patched for SSRF Vulnerability in SMA1000 Appliances

By infosecbulletin / Friday , May 2 2025
SonicWall's Product Security Incident Response Team (PSIRT) has released a critical update for its SMA1000 series appliances due to a...
Read More
SonicWall Patched for SSRF Vulnerability in SMA1000 Appliances

Patch Now! SonicWall Confirms Active Exploitation of SMA 100 Vulns

By infosecbulletin / Thursday , May 1 2025
On April 29, 2025, SonicWall announced that two previously disclosed vulnerabilities in its SMA 100 Series appliances are being actively...
Read More
Patch Now! SonicWall Confirms Active Exploitation of SMA 100 Vulns

Commvault Confirms Its Azure Cloud Environment Breach via Zero-Day Attack

By infosecbulletin / Thursday , May 1 2025
Commvault confirmed that a sophisticated cyberattack exploiting a zero-day vulnerability breached its Azure cloud environment earlier this week. On February...
Read More
Commvault Confirms Its Azure Cloud Environment Breach via Zero-Day Attack

Ransomware Attack On Biopharma : Hacker seeks $80k

By infosecbulletin / Thursday , May 1 2025
Indian Pimpri Chinchwad police's cyber cell is looking into a complaint where a hacker demanded $80,000 (over Rs 68 lakh)...
Read More
Ransomware Attack On Biopharma : Hacker seeks $80k

Apple warns new victims of spyware attacks across the world

By infosecbulletin / Thursday , May 1 2025
This week, Apple notified several individuals it believes were targeted by government spyware, according to two of those individuals. As...
Read More
Apple warns new victims of spyware attacks across the world

Ticket resaler exposed ​​520,054 records size of 200 GB

By infosecbulletin / Wednesday , April 30 2025
Cybersecurity researcher Jeremiah Fowler discovered a non-password-protected database with 520,054 records from an event ticket resale platform and reported it...
Read More
Ticket resaler exposed ​​520,054 records size of 200 GB

“bCloud” Starts Journey in Bangladesh Targeting Cloud Solutions

By infosecbulletin / Wednesday , April 30 2025
Banglalink, the country’s leading digital operator, has launched bCloud, its very own cloud service brand aimed at delivering world-class cloud...
Read More
“bCloud” Starts Journey in Bangladesh Targeting Cloud Solutions

Researcher Found Multiple Vulnerabilities In Apple’s AirPlay Protocol

By infosecbulletin / Wednesday , April 30 2025
Security vulnerabilities in Apple's AirPlay Protocol and SDK put both third-party and Apple devices at risk of various attacks, including...
Read More
Researcher Found Multiple Vulnerabilities In Apple’s AirPlay Protocol

As more users adopt passwordless authentication, attackers are focusing on accounts secured by passwords, using brute-force and phishing methods. Last year, Microsoft recorded over 7,000 password attacks every second.

“As passkeys become the new standard, expect increased pressure from cyberattackers on any accounts still protected by passwords or other phishable sign-in methods,” the company says.

Microsoft is now simplifying passwordless sign-ins for its services like Xbox and Copilot after introducing passkey support.

A simplified sign-in and sign-up user experience now streamlines and prioritizes passwordless authentication, while new Microsoft accounts now provide users with several passwordless options, eliminating the need to enroll a password.

Existing Microsoft users, the company says, can now delete their passwords from the account’s settings. Microsoft is now automatically detecting and setting the best sign-in method for users to prioritize safety.

“For example, if you have a password and ‘one time code’ set up on your account, we’ll prompt you to sign in with your one time code instead of your password. After you’re signed in, you’ll be prompted to enroll a passkey. Then the next time you sign in, you’ll be prompted to sign in with your passkey,” Microsoft explains.

Check Also

symlink

16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia

According to Shadowserver Foundation around 17,000 Fortinet devices worldwide have been compromised using a new …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin