Google and Microsoft move decisively toward passkeys and stronger sign-in defaults

Google and Microsoft move decisively toward passkeys and stronger sign-in defaults

Microsoft announced major changes to Entra ID that make passkeys the default authentication experience in the public cloud, with SMS and voice gradually being phased down. The company also introduced new controls for Windows SSO prompts and said that passkeys will become increasingly central to account sign-in flows. Google made a related move by adding FIDO2 security key support to Windows login through Google Credential Provider for Windows, expanding the use of phishing-resistant authentication. These changes matter because they are a concrete shift away from older MFA methods that are routinely bypassed or socially engineered. The update also signals a broader ecosystem transition in identity security, with vendors aligning around passkeys and hardware-backed factors. For defenders, the challenge becomes migration planning rather than debating whether passwordless is coming.

Sources

Leave a Reply

Your email address will not be published. Required fields are marked *


Post Comment