Users of the new Windows 11 preview build can now use their passkeys with Windows Hello, in order to log in to websites and apps without a password.
The release of the Windows 11 Insider Preview Build 23486 allows passkeys to be managed and authenticated via Windows Hello, using the biometric credentials – such as your fingerprint or face – or PIN that you have saved with the service.
Users can also use their phone to authenticate their login if they wish. In the Windows settings, users will also find an area to manage their passkeys, in the Passkeys section under Accounts. From here, they can view, search and delete the passkeys stored on their Windows device.
Analysis: Why does it matter?
Passkeys are the cutting-edge passwordless method used to secure accounts and services, meaning you don’t have to remember a thing to log in to them.
Instead, two cryptographic keys are created – one on your device and one in the cloud of the service you have your account with. When they combine, they grant you access to your account.
The key that is stored on your device is not known to anyone – even yourself. All you have to do to authenticate its use is provide the biometric or PIN you use to secure your device. Passkeys can be used with multiple devices, as the keys can be transferred to new devices via the cloud, as long as they are stored within the same manager.
This is one of the gripes some have with passkeys, as they require software to manage them, and once they are stored on one manager, they can’t be transferred.
Microsoft sits on the board of the FIDO Alliance, the industry-wide organization that sets the standards for passkeys, as do Apple, Amazon, Google, and Meta. Some are concerned that big tech is trying to monopolize their use, as using passkeys with one vendor locks users in to that provider.
The new Windows 11/Windows Hello integration is yet another example, as Microsoft plays catch-up with Apple and Google, who have already taken significant steps to integrate the technology with their respective platforms and services.
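The key pair described earlier in this section can be modelled in a few lines of Node.js. This is an added example, not code from the article or from Microsoft: it is a simplified sketch rather than the WebAuthn wire format, and the function names and the `shop.example` origin are made up for illustration. It shows that the service only ever holds the public key, and that a response signed for a different origin, a stale challenge or a different key is rejected.

```javascript
const crypto = require('node:crypto');

const sha256 = (data) => crypto.createHash('sha256').update(data).digest();

// Device side: create a key pair for one site. The private key never leaves
// the device; only the public key is registered with the service.
function createPasskey(rpId) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { device: { rpId, privateKey }, registration: { rpId, publicKey } };
}

// Device side: sign the service's challenge together with the origin the browser
// actually sees. On a real device the biometric or PIN check gates this step.
function signAssertion(device, challenge, origin) {
  const clientData = Buffer.from(JSON.stringify({ challenge: challenge.toString('base64url'), origin }));
  const signedData = Buffer.concat([sha256(device.rpId), sha256(clientData)]);
  return { clientData, signature: crypto.sign('sha256', signedData, device.privateKey) };
}

// Service side: check challenge, origin and signature using only the stored public key.
function verifyAssertion(registration, expectedChallenge, expectedOrigin, assertion) {
  const clientData = JSON.parse(assertion.clientData.toString());
  if (clientData.challenge !== expectedChallenge.toString('base64url')) return 'challenge-mismatch';
  if (clientData.origin !== expectedOrigin) return 'origin-mismatch';
  const signedData = Buffer.concat([sha256(registration.rpId), sha256(assertion.clientData)]);
  const ok = crypto.verify('sha256', signedData, registration.publicKey, assertion.signature);
  return ok ? 'ok' : 'bad-signature';
}

// Constructed scenario: one genuine sign-in and three responses the service must refuse.
function demo() {
  const ORIGIN = 'https://shop.example'; // constructed sample origin
  const { device, registration } = createPasskey('shop.example');
  const challenge = crypto.randomBytes(32);
  const genuine = signAssertion(device, challenge, ORIGIN);
  // Same passkey used on a look-alike page: the browser reports that page's origin.
  const lookalike = signAssertion(device, challenge, 'https://shop.example.invalid');
  const stranger = createPasskey('shop.example').device; // a different key pair
  return {
    genuine: verifyAssertion(registration, challenge, ORIGIN, genuine),
    lookalike: verifyAssertion(registration, challenge, ORIGIN, lookalike),
    replay: verifyAssertion(registration, crypto.randomBytes(32), ORIGIN, genuine),
    otherKey: verifyAssertion(registration, challenge, ORIGIN, signAssertion(stranger, challenge, ORIGIN)),
  };
}

console.log(demo());
```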
What have others said?
A considerable number of security experts welcome the new alternative to passwords. They argue that passwords are usually the weakest element of a business’s security posture, and the recurring stories of bad practices resulting in data breaches appear to confirm that.
Passkeys are phishing resistant, so there’s no chance of a threat actor coaxing out of you the private portion of the key stored on your device – unlike a password. They are also more convenient, as
However, not everyone is entirely on board with passkeys. When we spoke to veteran security expert Roger Grimes, he was less enthused.
He countered that not only is there a danger of being locked into a single vendor or platform, but that there are still not enough adopters yet to declare the death of passwords. Currently, the only prominent services using passkeys, beyond those belonging to the aforementioned big tech companies, are PayPal, eBay and BestBuy.
Going Deeper
If you want to know more about the divide within the cybersecurity community over passkeys, then you can read our discussion of the topic. And if you want to learn more about passkeys and how they work, see our what are passkeys? guide.
And while you’re still using passwords, see our best password manager guide as well as our best business password manager guide.