Security Tips: Intro to Passkeys – Tech Tip for July 3, 2025

In this week’s tech tip, we’re highlighting Microsoft’s shift away from passwords and toward passkeys—a faster, more secure way to sign in using your fingerprint, face, or device PIN. This move is part of a broader industry trend focused on reducing cyber risks and improving everyday login experiences. Whether you use Microsoft apps at work or at home, getting familiar with passkeys now will help you stay ahead of upcoming changes and avoid frustration as password features begin to phase out.

What Are Passkeys?

Passkeys are a modern way to sign in using something you have (your device) and something you are (such as a biometric fingerprint or face scan).

Instead of Typing in a Password:

• You use your device’s PIN, Face ID, or fingerprint to confirm your identity.
• It works like a digital key stored on your device or in a secure cloud account.
• Newer technology that can protect you from phishing and reuse attacks.

Soon you’ll see faster, safer logins, across Microsoft 365 apps like Teams, Outlook, OneDrive, and more.

What’s Changing in 2025

As of May 2025, Microsoft has enabled passkeys by default for new personal Microsoft accounts. This means:

• New personal accounts no longer require a password during setup.
• Instead, users are prompted to create and use a passkey (via Face ID, fingerprint, Windows Hello, etc.).
• Microsoft’s goal is to make passwords optional and eventually unnecessary.

Microsoft has enabled passkeys for business (work or school) Entra ID accounts, but with some current limitations compared to personal accounts:

• Device-bound passkeys are supported in Microsoft Entra ID: employees can register passkeys stored on FIDO2 security keys or in the Authenticator app.
• IT admins must enable the policy under Authentication Methods in the Entra admin center for users to use passkeys.
• This support is currently device-bound only—meaning each passkey lives on the device it was created on.
• Cross-device syncing of passkeys (such as storing them in the Microsoft account cloud or syncing via Authenticator) is not yet available for business accounts.

June 2025:

• You will no longer be able to save new passwords in Microsoft Authenticator.

July 2025:

• Autofill for saved passwords will be turned off in Authenticator.

August 2025:

• Any saved passwords in Microsoft Authenticator will be deleted starting August 20, 2025.
• You’ll need to use a passkey or another login method.

Microsoft Authenticator and the Shift to Passkeys

Microsoft Authenticator is evolving to support passkeys as a central part of its security features. While you may not see a “sync passkeys” button just yet, Microsoft is working toward making Authenticator a full passkey manager. You can expect it to:

• Support passkey autofill in mobile apps and browsers where available.
• Allow cross-device syncs for passkeys.
• Give you the ability to view and manage your passkeys in one place.

In the meantime, Microsoft is winding down older password tools (like storing or autofilling passwords in the Authenticator app) and encouraging users to transition to passkeys now.

How to Prepare

• Export passwords from Microsoft Authenticator to Microsoft Edge (browser) or another password storage manager (ex. 1Password).
• Set up passkeys on your personal Microsoft account now.
• Make sure Microsoft Authenticator is updated and ready to be configured to the latest version.
• Communicate these changes to your team and provide training if needed.

TIP: Try exporting passwords in Microsoft Authenticator and setting up passkeys. Test signing in with passkeys on your devices to get comfortable (where available).

Reach Out to TechWise Group

Interested in learning more about Microsoft Security and Authentication features? Reach out to TechWise Group. We’ll help you make the most of your Microsoft tools.

Important Microsoft Announcements:

• Put a plan in place to upgrade to Windows 11:
  • Windows 10 reaches End of Support (EOS) on October 14, 2025.
• Maximize your organization’s Security with Secure Score and MFA:
  • Get to know your Secure Score—your essential tool for proactive threat management.
  • Enabling Multi-Factor Authentication (MFA) is the best way to prevent cyberthreats.
• Give your business a productivity boost with Microsoft Copilot:
  • Get started with Copilot consulting services to organize and secure your data, while also training you and your team.
• Contact TechWise Group to get started or to put a plan in place.