Wednesday, April 2, 2025
HomeCyber Security News"Password Era is Ending," Microsoft to Delete 1 Billion Passwords

“Password Era is Ending,” Microsoft to Delete 1 Billion Passwords

Published on

SIEM as a Service

Follow Us on Google News

Microsoft has announced that it is currently blocking an astounding 7,000 password attacks every second, nearly double the rate from just a year ago.

This surge in cyber threats underscores the urgent need for more robust authentication methods, with passkeys emerging as a promising solution.

The tech giant has also reported a 146% year-over-year increase in adversary-in-the-middle phishing attacks, highlighting the evolving sophistication of cybercriminals.

These alarming statistics come as part of Microsoft’s broader efforts to transition away from traditional passwords towards more secure authentication methods.

Passkeys, a cutting-edge alternative to passwords, are gaining traction as a potential game-changer in the fight against cyber attacks.

2024 MITRE ATT&CK Evaluation Results for SMEs & MSPs -> Download Free Guide

Unlike passwords, passkeys leverage biometric data or PINs to unlock a private key stored on the user’s device, making them significantly more resistant to phishing and other common attack vectors.

Microsoft’s commitment to passkeys is evident in its recent initiatives. In May 2024, the company announced passkey support for popular services like Xbox, Microsoft 365, and Microsoft Copilot.

The results have been encouraging, with passkey sign-ins proving to be three times faster than traditional passwords and eight times faster than passwords combined with multifactor authentication.

User adoption has also been promising. Microsoft reports that users are three times more successful in signing in with passkeys compared to passwords, with a 98% success rate versus 32% for passwords.

Furthermore, 99% of users who begin the passkey registration process complete it, indicating high user acceptance.

To drive adoption, Microsoft has implemented a proactive approach, nudging users to enroll in passkeys at key moments, such as account creation or password resets.

This strategy has yielded impressive results, with a 987% increase in passkey use following the implementation of a new sign-in design.

Looking ahead, Microsoft projects that hundreds of millions of new users will create and use passkeys in the coming months.

The company’s ultimate goal is to completely eliminate passwords, transitioning to accounts that only support phishing-resistant credentials.

As the digital landscape continues to evolve, the shift towards passkeys represents a significant step in enhancing cybersecurity.

With major tech players like Microsoft leading the charge, the era of traditional passwords may indeed be coming to an end, ushering in a new age of more secure and user-friendly authentication methods.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

20,000 WordPress Sites at Risk of File Upload & Deletion Exploits

A critical security alert has been issued to WordPress site administrators following the discovery...

Prince Ransomware – An Automated Open-Source Ransomware Builder Freely Available on GitHub

The cybersecurity landscape has witnessed a concerning development with the emergence of "Prince Ransomware,"...

QR Code Phishing (Quishing) Attack Your Smartphones To Steal Microsoft Accounts Credentials

Cybersecurity researchers have identified a growing trend in phishing attacks leveraging QR codes, a...

North Korea IT Workers Expand Their Employment Across Europe To Infiltrate the Company Networks

North Korean IT workers have intensified their global operations, expanding their employment footprint across...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Prince Ransomware – An Automated Open-Source Ransomware Builder Freely Available on GitHub

The cybersecurity landscape has witnessed a concerning development with the emergence of "Prince Ransomware,"...

QR Code Phishing (Quishing) Attack Your Smartphones To Steal Microsoft Accounts Credentials

Cybersecurity researchers have identified a growing trend in phishing attacks leveraging QR codes, a...

North Korea IT Workers Expand Their Employment Across Europe To Infiltrate the Company Networks

North Korean IT workers have intensified their global operations, expanding their employment footprint across...