Saturday , May 24 2025
Passwordless

Microsoft New Accounts Go Passwordless By Default

infosecbulletin 3 weeks ago Hot Topic

Microsoft is focusing on eliminating password-based authentication, promoting passwordless sign-in and sign-up methods instead. For the past decade, Microsoft has allowed users to sign in using facial recognition, fingerprints, or a PIN with Windows Hello. Now, over 99% of users use this method to access their Windows devices, according to the company.

To allow users to sign into accounts without passwords, the industry created passkeys. These provide phishing-resistant authentication for any compatible app or website.

Evaly E-commerce Platform Allegedly Hacked

By infosecbulletin / Saturday , May 24 2025
Evaly, a Bangladeshi e-commerce platform, is reportedly facing a major data breach that may have exposed sensitive information of around...
Read More
Evaly E-commerce Platform Allegedly Hacked

Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges

By infosecbulletin / Friday , May 23 2025
A passback vulnerability has been found in some Canon printers, including production and multifunction models. If an attacker gains administrative...
Read More
Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges

184 Million Leaked Credentials Discovered in Open Database

By infosecbulletin / Friday , May 23 2025
Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak...
Read More
184 Million Leaked Credentials Discovered in Open Database

Palo Alto Networks Warns of XSS Flaw: PoC Released

By infosecbulletin / Wednesday , May 21 2025
Palo Alto Networks warns a reflected cross-site scripting (XSS) vulnerability, CVE-2025-0133, in the GlobalProtect gateway and portal features of its...
Read More
Palo Alto Networks Warns of XSS Flaw: PoC Released

Pwn2Own Berlin reveals 29 critical vulns in major tech firms

By infosecbulletin / Wednesday , May 21 2025
Pwn2Own Berlin 2025, a top cybersecurity contest, awarded $1,078,750 to researchers who discovered 29 zero-day vulnerabilities in various enterprise technologies....
Read More
Pwn2Own Berlin reveals 29 critical vulns in major tech firms

High-Severity Flaw Hits Atlassian Jira Data Center

By infosecbulletin / Wednesday , May 21 2025
A recently discovered vulnerability, CVE-2025-22157, threatens organizations using Atlassian’s Jira Core Data Center and Jira Service Management Data Center by...
Read More
High-Severity Flaw Hits Atlassian Jira Data Center

All major mobile networks go down across Spain

By infosecbulletin / Tuesday , May 20 2025
A nationwide phone network has gone down in Spain, shortly after blackouts caused chaos and significant financial losses. Emergency services...
Read More
All major mobile networks go down across Spain

Researchers found 200 billion files exposed in cloud buckets

By infosecbulletin / Monday , May 19 2025
Billions of files, including documents, source code, and backups, are leaking because of misconfigured cloud storage. Cyble, a cybersecurity company...
Read More
Researchers found 200 billion files exposed in cloud buckets

Bank server compromised using customer’s mobile, steal ₹11 crore

By infosecbulletin / Sunday , May 18 2025
Cyber fraudsters hacked the Himachal Pradesh State Cooperative Bank's server using a customer's mobile phone. According to reports, the fraudsters...
Read More
Bank server compromised using customer’s mobile, steal ₹11 crore

“InfoSecCon-2025″ held successfully promising cyber resilience

By infosecbulletin / Sunday , May 18 2025
"InfoSecCon-2025" was successfully held with tremendous audiences with various time demanding topics and keynotes at Dhaka on 16 May- 2025....
Read More
“InfoSecCon-2025″ held successfully promising cyber resilience

As more users adopt passwordless authentication, attackers are focusing on accounts secured by passwords, using brute-force and phishing methods. Last year, Microsoft recorded over 7,000 password attacks every second.

“As passkeys become the new standard, expect increased pressure from cyberattackers on any accounts still protected by passwords or other phishable sign-in methods,” the company says.

Microsoft is now simplifying passwordless sign-ins for its services like Xbox and Copilot after introducing passkey support.

A simplified sign-in and sign-up user experience now streamlines and prioritizes passwordless authentication, while new Microsoft accounts now provide users with several passwordless options, eliminating the need to enroll a password.

Existing Microsoft users, the company says, can now delete their passwords from the account’s settings. Microsoft is now automatically detecting and setting the best sign-in method for users to prioritize safety.

“For example, if you have a password and ‘one time code’ set up on your account, we’ll prompt you to sign in with your one time code instead of your password. After you’re signed in, you’ll be prompted to enroll a passkey. Then the next time you sign in, you’ll be prompted to sign in with your passkey,” Microsoft explains.

Check Also

€530 million

TikTok fined €530 million for sending E.U. Data to China

Ireland’s Data Protection Commission fined TikTok €530 million ($601 million) on Friday for violating data …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin