Microsoft makes all new accounts passwordless by default

Microsoft has announced that all new Microsoft accounts will be “passwordless by default” to secure them against password attacks such as phishing, brute force, and credential stuffing.

The announcement comes after the company started rolling out updated sign-in and sign-up user experience (UX) flows for web and mobile apps in March, optimized for passwordless and passkey-first authentication.

“As part of this simplified UX, we’re changing the default behavior for new accounts. Brand new Microsoft accounts will now be ‘passwordless by default’,” said Joy Chik, Microsoft’s President for Identity & Network Access, and Vasu Jakkal, Corporate Vice President for Microsoft Security.

Read more at Bleeping Computer