Microsoft has announced that all new Microsoft accounts will now be "passwordless by default." This initiative aims to protect accounts from common cyber threats such as phishing, password brute-forcing, and credential stuffing attacks.

This decision follows the updated login and registration interface that Microsoft began rolling out in mobile and web applications in March of this year. At that time, the company noted it had improved the account authentication process, placing greater emphasis on passwordless authentication.

Microsoft wants as many users as possible to switch to passkeys - a more secure password alternative that uses biometric authentication, whether fingerprint or facial recognition.

It's worth noting that Microsoft is a member of the FIDO (Fast Identity Online) Alliance - an industry association that has been promoting passkeys as a standard passwordless login method for over a decade, now used by billions of accounts worldwide.

Source