Microsoft Entra ID Boosts Security with Expanded Passkey
Microsoft Entra
May 3, 2024 6:00 AM

Microsoft Entra ID Boosts Security with Expanded Passkey

by HubSite 365 about Microsoft

Software Development Redmond, Washington

AdministratorMicrosoft EntraLearning SelectionM365 Admin

Microsoft Entra IDs Passkey Expansion: The Future of Passwordless Authentication!

Key insights



Shift to Passkeys: Towards a Passwordless Future

As digital security threats continue to evolve, the tech industry seeks innovative solutions to traditional pitfalls, such as password vulnerabilities. Leading the charge, Microsoft introduces expanded passkey support, a groundbreaking step away from password dependency. This initiative is part of a broader, joint effort by tech giants to usher in a passwordless era, leveraging built-in authentication methods like facial recognition and fingerprints for increased security and convenience.

Passkeys, grounded in public-private key cryptography, offer a promising solution to phishing and other cyber threats by ensuring access is tightly bound to the user's device and identity. Their adoption reflects a significant shift in our approach to digital security, aligning with the FIDO Alliance's standards and aiming to outpace attackers by eliminating the weakest link: passwords themselves.

Public preview: Expanding passkey support in Microsoft Entra ID. The need to remember lengthy, complicated passwords could soon be a thing of the past. This is due to passkeys, a new login technology that uses the authentication features of your devices.

Passkeys are more secure than passwords or PINs, as they cannot be stolen. They allow access to supported websites, apps, and services through mechanisms like Face ID or fingerprint recognition. Built on WebAuthn tech, passkeys are stored directly on your device and can be used with hardware security keys.


Apple, Google, and Microsoft Entra announced passkey support in their platforms in 2022. Password managers like 1Password and Dashlane also support the technology, facilitating the backup and sync of passkeys across devices. As of 2024, 20 percent of the world's top websites now support passkeys, covering over 13 billion accounts.

It's expected that passkeys will eventually replace passwords. This blog post follows all updates and developments in the passkey integration, including which companies are preparing for a passwordless future.

  • Microsoft launches passkey support for all consumer accounts.
  • Over 400 million Google accounts have utilized passkeys.
  • Passkeys might truly replace passwords.

To defeat phishing attacks, Microsoft Entra is employing passkeys. These are phishing-resistant authentication methods that work with any resource supporting the W3C WebAuthN standard. The evolution of the FIDO2 standard has allowed for a move towards a passwordless system.

Passkeys provide high security by being URL-specific, device-specific, and user-specific. This makes them nearly impossible to phish. Users can host their passkeys on hardware security keys or devices like phones, tablets, or PCs, making them versatile and secure.

Device-bound passkeys and syncable passkeys serve different organizational needs. Device-bound passkeys offer extreme security but are not as flexible as syncable passkeys, which can be backed up and shared between devices. This flexibility helps transition away from passwords while maintaining high security.

Syncable passkeys ease many usability challenges, offering high security without the need for passwords. Microsoft's roadmap for 2024 includes support for both device-bound and syncable passkeys in Microsoft Entra ID and Microsoft consumer accounts. The aim is to make syncable passkeys the preferred option.

Device-bound keys in Microsoft Authenticator are essential for highly regulated customers, providing a secure but familiar way to sign in. This system meets strict requirements while offering ease of use. Organizations become responsible for managing these passkeys, emphasizing the importance of device-bound security in certain sectors.

Microsoft's commitment to passwordless authentication is strong, with ongoing enhancements planned for its products. Feedback is encouraged to help refine and expand passwordless options for users worldwide.

Read the full article Public preview: Expanding passkey support in Microsoft Entra ID

Microsoft Entra - Microsoft Entra ID Boosts Security with Expanded Passkey



People also ask

Does Entra ID support passkeys?

Passkeys, recognized for their strong and phishing-resistant qualities, have recently been integrated into Entra ID. Specifically, in early April, Entra ID began offering preview support for passkeys within the Microsoft Authenticator app for Multi-Factor Authentication (MFA) purposes, although this functionality is currently restricted to applications that leverage Entra ID.

Does Microsoft support passkeys?

Microsoft has embraced the use of passkeys, allowing users to access their Microsoft accounts — be it personal, work, or school-related — through various secure methods such as facial recognition, fingerprint scanning, or PINs. This process is not only expedited but also significantly enhances security by mitigating phishing risks. Presently, passkeys are compatible with both desktop and mobile browsers, with plans to extend support to mobile apps in the near future.

Does Microsoft account support FIDO2?

Microsoft has been proactive in incorporating FIDO2 authentication, offering native support in preview for users across its applications, given that they have a compatible authentication broker configured on their operating system. Additionally, third-party applications that use the authentication broker can also benefit from FIDO2 authentication in preview.

What is new with Entra ID?

Starting March 31st, 2024, Entra ID will implement new measures for managing risk detections. Specifically, all detections and user accounts deemed "low" risk that have persisted for more than six months will be systematically aged out and dismissed. This update aims to streamline the risk management process, allowing customers to focus their efforts on addressing more pertinent security concerns and ensuring a more efficient investigation workflow.



Microsoft Entra ID passkey support, public preview passkey Microsoft, expanding passkey support Entra ID, Microsoft Entra ID passkey expansion, Entra ID passkey public preview, Microsoft passkey support enhancement, Entra ID Microsoft passkey features, Microsoft authentication passkey Entra