InfoSecBulletin Cybersecurity for mankind
Microsoft is focusing on eliminating password-based authentication, promoting passwordless sign-in and sign-up methods instead. For the past decade, Microsoft has allowed users to sign in using facial recognition, fingerprints, or a PIN with Windows Hello. Now, over 99% of users use this method to access their Windows devices, according to the company.
To allow users to sign into accounts without passwords, the industry created passkeys. These provide phishing-resistant authentication for any compatible app or website.
World’s first wind power underwater data center is now live
VMware Fixed Multiple Flaws Allow Attackers to Inject Malicious Scripts
CVE-2026-50751
Check Point VPN 0-day Flaw Exploited in the Wild
AI-designed First ‘universal vaccine’ tested in humans
China Unveils First Prefabricated Data Center Base, Reducing Construction Time by 70%
Hacker now exploits recently patched SolarWinds Serv-U flaw
Cisco SD-WAN Flaw Exploited and Trend Micro Flaws Allows to Security Bypass
Ransomware Crisis Deepens: 4,089 Victims Hit Across 121 Countries in 2026
CVE-2026-20230
Cisco Patches in Unified CM as Exploit Code Goes Public
1-Click GitHub Token Flaw Allows Attackers Steal Users’ OAuth Tokens
As more users adopt passwordless authentication, attackers are focusing on accounts secured by passwords, using brute-force and phishing methods. Last year, Microsoft recorded over 7,000 password attacks every second.
“As passkeys become the new standard, expect increased pressure from cyberattackers on any accounts still protected by passwords or other phishable sign-in methods,” the company says.
Microsoft is now simplifying passwordless sign-ins for its services like Xbox and Copilot after introducing passkey support.
A simplified sign-in and sign-up user experience now streamlines and prioritizes passwordless authentication, while new Microsoft accounts now provide users with several passwordless options, eliminating the need to enroll a password.
Existing Microsoft users, the company says, can now delete their passwords from the account’s settings. Microsoft is now automatically detecting and setting the best sign-in method for users to prioritize safety.
“For example, if you have a password and ‘one time code’ set up on your account, we’ll prompt you to sign in with your one time code instead of your password. After you’re signed in, you’ll be prompted to enroll a passkey. Then the next time you sign in, you’ll be prompted to sign in with your passkey,” Microsoft explains.
