Google and Microsoft move decisively toward passkeys and stronger sign-in defaults
Microsoft announced major changes to Entra ID that make passkeys the default authentication experience in the public cloud, with SMS and voice gradually being phased down. The company also introduced new controls for Windows SSO prompts and said that passkeys will become increasingly central to account sign-in flows. Google made a related move by adding FIDO2 security key support to Windows login through Google Credential Provider for Windows, expanding the use of phishing-resistant authentication. These changes matter because they are a concrete shift away from older MFA methods that are routinely bypassed or socially engineered. The update also signals a broader ecosystem transition in identity security, with vendors aligning around passkeys and hardware-backed factors. For defenders, the challenge becomes migration planning rather than debating whether passwordless is coming.
Sources
- Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID — Microsoft Security Blog
- Microsoft Entra ID authentication overhaul to start in September 2026 — Help Net Security
- Microsoft makes Windows SSO prompts easier to manage — Help Net Security
- Google adds FIDO2 keys and phone passkeys to Windows login via GCPW — Help Net Security
- According to GM, we are all doing MFA wrong… — /r/cybersecurity


Leave a Reply