Wednesday, April 30, 2025
HomeCyber Security News"Password Era is Ending," Microsoft to Delete 1 Billion Passwords

“Password Era is Ending,” Microsoft to Delete 1 Billion Passwords

Published on

SIEM as a Service

Follow Us on Google News

Microsoft has announced that it is currently blocking an astounding 7,000 password attacks every second, nearly double the rate from just a year ago.

This surge in cyber threats underscores the urgent need for more robust authentication methods, with passkeys emerging as a promising solution.

The tech giant has also reported a 146% year-over-year increase in adversary-in-the-middle phishing attacks, highlighting the evolving sophistication of cybercriminals.

- Advertisement - Google News

These alarming statistics come as part of Microsoft’s broader efforts to transition away from traditional passwords towards more secure authentication methods.

Passkeys, a cutting-edge alternative to passwords, are gaining traction as a potential game-changer in the fight against cyber attacks.

2024 MITRE ATT&CK Evaluation Results for SMEs & MSPs -> Download Free Guide

Unlike passwords, passkeys leverage biometric data or PINs to unlock a private key stored on the user’s device, making them significantly more resistant to phishing and other common attack vectors.

Microsoft’s commitment to passkeys is evident in its recent initiatives. In May 2024, the company announced passkey support for popular services like Xbox, Microsoft 365, and Microsoft Copilot.

The results have been encouraging, with passkey sign-ins proving to be three times faster than traditional passwords and eight times faster than passwords combined with multifactor authentication.

User adoption has also been promising. Microsoft reports that users are three times more successful in signing in with passkeys compared to passwords, with a 98% success rate versus 32% for passwords.

Furthermore, 99% of users who begin the passkey registration process complete it, indicating high user acceptance.

To drive adoption, Microsoft has implemented a proactive approach, nudging users to enroll in passkeys at key moments, such as account creation or password resets.

This strategy has yielded impressive results, with a 987% increase in passkey use following the implementation of a new sign-in design.

Looking ahead, Microsoft projects that hundreds of millions of new users will create and use passkeys in the coming months.

The company’s ultimate goal is to completely eliminate passwords, transitioning to accounts that only support phishing-resistant credentials.

As the digital landscape continues to evolve, the shift towards passkeys represents a significant step in enhancing cybersecurity.

With major tech players like Microsoft leading the charge, the era of traditional passwords may indeed be coming to an end, ushering in a new age of more secure and user-friendly authentication methods.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Cybercriminals Trick Tenants into Sending Rent to Fraudulent Accounts

Proofpoint, a leading cybersecurity firm, has identified and named a new financially motivated Business...

New WordPress Malware Disguised as Anti-Malware Plugin Takes Full Control of Websites

The Wordfence Threat Intelligence team has identified a new strain of WordPress malware that...

Ruby on Rails Vulnerability Allows CSRF Protection Bypass

A critical vulnerability in Ruby on Rails' Cross-Site Request Forgery (CSRF) protection mechanism has...

Over 90% of Cybersecurity Leaders Worldwide Report Cloud-Targeted Cyberattacks

A groundbreaking report from Rubrik Zero Labs, titled The State of Data Security: A...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Cybercriminals Trick Tenants into Sending Rent to Fraudulent Accounts

Proofpoint, a leading cybersecurity firm, has identified and named a new financially motivated Business...

New WordPress Malware Disguised as Anti-Malware Plugin Takes Full Control of Websites

The Wordfence Threat Intelligence team has identified a new strain of WordPress malware that...

Ruby on Rails Vulnerability Allows CSRF Protection Bypass

A critical vulnerability in Ruby on Rails' Cross-Site Request Forgery (CSRF) protection mechanism has...