Microsoft unveils passkey functionality for Entra ID
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
Brief Overview
- Microsoft rolls out passkey authentication for Entra ID.
- Public preview accessible for Windows sign-in users.
- Passkeys take the place of passwords using public key cryptography.
- Boosted security against phishing and credential-related threats.
- Integration with Windows Hello enables biometric authentication.
- Accessible for managed, individual, and shared computers.
Transforming Authentication with Passkeys
Microsoft is poised to improve the security environment by rolling out passkey authentication for Entra ID, aimed at businesses whose users log in from Windows devices. This initiative is part of a larger industry movement towards password-free authentication, utilizing public key cryptography to boost both security and user experience.
Grasping Passkeys and Their Advantages
Passkeys function as an anti-phishing authentication credential, substituting conventional passwords. They employ a cryptographic key pair wherein the public key is kept on the server, while the private key stays safely on the user’s device, shielded by the device’s secure enclave. This guarantees that no shared secret is ever sent or stored server-side, rendering passkeys immune to typical credential-based assaults.
Connection with Windows Hello
For users, the authentication procedure entails local identity verification through biometrics such as fingerprint or facial recognition via Windows Hello, or a secure PIN. This corresponds with the FIDO2/WebAuthn standard, highly regarded for its security effectiveness.
Accessibility and Involvement
The passkey authentication method is presently in public preview, active from mid-March to late April, with worldwide availability anticipated subsequently. Administrators can engage by activating Entra passkeys through Authentication Methods policies.
Conclusion
Microsoft’s launch of passkey support for Entra ID signifies a major advancement towards improving security through password-free authentication. By leveraging public key cryptography and connecting with Windows Hello, this update offers a solid defense against phishing and credential attacks.
Q: What is the primary advantage of using passkeys compared to traditional passwords?
A: Passkeys offer superior security by employing public key cryptography, rendering them resistant to phishing and credential attacks.
Q: How do users verify their identity with passkeys on Windows devices?
A: Users verify their identity through Windows Hello biometric methods such as fingerprint or facial recognition, or a secure PIN.
Q: When will the passkey authentication feature be available to everyone?
A: The feature is projected to be generally available globally after the public preview period, concluding in late April.
Q: Are passkeys suitable for all varieties of PCs?
A: Yes, Microsoft indicated that passkeys will be accessible for managed, personal, and shared PCs.
