Microsoft is rolling out passkey help for Microsoft Entra on Home windows gadgets, including phishing-resistant passwordless authentication through Home windows Hey.
The function is opt-in and can enter public preview from mid-March by late April 2026 for worldwide tenants. Authorities cloud environments (GCC, GCC Excessive, and DoD) comply with with mid-April by mid-Could rollout home windows.
Notably, this additionally extends passwordless sign-in to unmanaged Home windows gadgets, a spot that beforehand left private and shared gadgets counting on password-based authentication.
“We’re introducing Microsoft Entra passkeys on Home windows to allow phishing-resistant sign-in to Entra-protected assets. This replace permits customers to create gadget‑certain passkeys saved within the Home windows Hey container and authenticate utilizing Home windows Hey strategies (face, fingerprint, or PIN),” Microsoft explains on the Microsoft 365 message heart.
“It additionally expands passwordless authentication to Home windows gadgets that are not Entra‑joined or registered, serving to organizations strengthen safety and cut back reliance on passwords.”
The generated passkeys are cryptographically certain to the gadget and by no means transmitted over the community, so risk actors cannot steal them in phishing or malware assaults to bypass multi-factor authentication.
Microsoft added that every Entra account will register its personal passkey per gadget, and a number of accounts can coexist on a single machine. Nonetheless, passkeys are gadget‑certain and can’t be synced throughout gadgets, so every Entra account would require separate registration.
To enroll within the public preview, IT directors should allow the Passkeys (FIDO2) authentication methodology in Entra’s Authentication Strategies insurance policies, create a passkey profile with the required Home windows Hey AAGUIDs, and assign it to the suitable teams.
Microsoft introduced in Could 2025 that each one new Microsoft accounts will probably be “passwordless by default” to safe them towards phishing, brute-force, and credential-stuffing assaults.
One 12 months earlier, it rolled out help for passkey authentication for private Microsoft accounts, after including a built-in passkey supervisor for Home windows Hey with the Home windows 11 22H2 function replace.
Malware is getting smarter. The Crimson Report 2026 reveals how new threats use math to detect sandboxes and conceal in plain sight.
Obtain our evaluation of 1.1 million malicious samples to uncover the highest 10 methods and see in case your safety stack is blinded.
