Windows 11 world without passwords: passkey features are coming
Microsoft’s new 23H2 operating system update brings Windows 11 to a password-free world where features built around access keys will debut. The company announced new options at its Surface and AI event in New York, and they will include, among other things, the ability to sign in to sites and applications using access keys that are stored locally on your device.
Unlike passwords that are stored on servers, and thus can be intercepted or hacked, access keys should be more secure due to the aforementioned local storage. However, the good thing is that you don’t need to remember them to sign in to supported apps and sites. Instead, you can simply verify your identity with biometric data – such as facial recognition or a fingerprint scan.
The scan then “unlocks” the access key to access your accounts and logins. In English passkeythe access key can also work with the PIN or pattern that we normally use on smartphones, but you cannot write it down or accidentally give it to the wrong person.
Companies such as Google, Microsoft, and Apple are steadily moving away from the traditional way of logging into accounts, building a “passwordless future,” encouraging users to embrace biometric authentication and access keys.
Apple announced a similar feature for the iOS 17 operating system for iPhone devices, and Google recently enabled this method of logging into its accounts as a replacement for passwords.
In the case of Windows 11, users will be able to create an access key with the Windows Hello feature and use it to access a site or application using facial recognition, fingerprint scanning, or Windows PIN.
Due to a partnership with the FIDO Alliance (Fast Identity Online), this feature should also work with sites like GitHub, DocuSign, PayPal, and others that support access keys, the Microsoft blog says.
In addition, IT teams working with Windows 11 devices will be able to remove the option to enter a password on the Windows Hello for Work feature. This should encourage teams to opt for more secure login methods such as biometrics, two-factor authentication or passkey.
Of course, for now, passwords should not be completely abolished, as in the case of Google moves, but that there is simply the possibility to get rid of them and switch to access keys, which is the current trend in cyber security.