In brief: Microsoft’s Entra Passkeys enable phishing-resistant authentication on private and unmanaged endpoints, reducing the attack surface for password-based compromises.
Microsoft has activated passkey features in Entra that enable Windows logon on unmanaged devices. Authentication now runs entirely via device-bound keys instead of central passwords.
Microsoft has activated passkey features in Microsoft Entra that enable Windows logon using device-bound cryptographic keys instead of classic passwords. The innovation extends the scope beyond managed corporate systems to also cover unmanaged devices.
For CISOs, this mechanism significantly reduces the risk of password-based attack vectors. Passkeys are bound to the device itself and cannot be reused without physical or biometric access to the device. This renders phishing attempts aimed at password theft obsolete and lowers the success rate of credential stuffing attacks.
Device-bound authentication addresses key requirements of the NIS2 Directive, which mandates robust authentication mechanisms for critical systems. The use of passkeys contributes to a zero-trust architecture and strengthens the auditability of access events through binding to specific devices and authentication factors.
Source: www.computerweekly.com · Published 25 May 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.2.8.