passwordless Archives

Tech Optimizer

March 26, 2026

Announcing Amazon Aurora PostgreSQL serverless database creation in seconds

Colin Lazier, Vice President of Databases at AWS, announced at re:Invent 2025 that developers can now create production-ready databases using Amazon DynamoDB and Amazon Aurora DSQL in seconds. AWS introduced an express configuration for Amazon Aurora PostgreSQL, allowing users to set up a serverless database in two clicks without needing an Amazon VPC network. This configuration includes preconfigured defaults, IAM authentication for passwordless access, and an internet access gateway for secure connections. Users can create an Aurora PostgreSQL serverless database via the AWS console or command-line interface, and they can customize settings during and after creation. The new setup supports additional features like read replicas and automated failover. AWS also enhanced the Free Tier program, providing up to 0 in credits for new users, and integrated Aurora with platforms like Vercel for rapid application development. Users are billed based on Aurora Capacity Units (ACUs), which scale automatically.

Winsage

March 12, 2026

Microsoft Introduces Phishing-Resistant Windows Sign-Ins With Entra Passkeys

Microsoft will introduce phishing-resistant passwordless authentication through passkeys for Windows devices, integrated with Microsoft Entra. This feature is expected to enter public preview between mid-March and late April 2026 for global tenants, while government cloud environments will receive the update from mid-April to mid-May. Users can access Entra-protected resources using device-bound passkeys stored securely within Windows Hello, allowing authentication through biometric or local verification methods. This update expands passwordless authentication to unmanaged or personal Windows devices. Passkeys utilize public-key cryptography, enhancing security by storing a private key on the device and registering a matching public key with the service. Each passkey is uniquely associated with a specific device and cannot be exported or synchronized. Organizations must enable the Passkeys (FIDO2) authentication method in Entra for the preview. This initiative is part of Microsoft's broader strategy to eliminate passwords, responding to rising cybersecurity concerns related to password-based authentication.

Winsage

March 11, 2026

Windows Hello gets passkey support for Entra accounts

Microsoft is enhancing the sign-in process for Microsoft Entra on Windows devices by introducing support for passkeys that integrate with Windows Hello, reducing reliance on traditional passwords. This feature aims to improve resistance against phishing attacks and will begin its optional public preview between mid-March and the end of April 2026 for organizations globally. Government cloud environments will have a separate preview from mid-April to mid-May. Administrators must activate this functionality for users. Employees will be able to access Entra-secured services using Windows Hello through biometric recognition or a PIN code, with cryptographic keys securely stored on the device. This method protects against phishing and account abuse since the keys remain on the device and are not vulnerable to interception. Passkeys will also work on Windows systems not linked to Entra, allowing access to company resources without passwords on personal or shared devices. Each Entra account generates a unique passkey per device, and synchronization between devices is not supported. Administrators need to enable the FIDO2 passkey method within Entra’s authentication policy to activate this feature. Microsoft aims to gradually eliminate passwords, providing stronger defenses against phishing and account compromise.

Winsage

March 11, 2026

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. has released security updates addressing at least 77 vulnerabilities across its Windows operating systems and various software applications. Key vulnerabilities include: - CVE-2026-21262: Allows an attacker to elevate privileges on SQL Server 2016 and later, with a CVSS v3 base score of 8.8. - CVE-2026-26127: Affects applications running on .NET, potentially leading to denial of service. - CVE-2026-26113 and CVE-2026-26110: Remote code execution flaws in Microsoft Office exploitable by viewing malicious messages in the Preview Pane. - CVE-2026-24291, CVE-2026-24294, CVE-2026-24289, and CVE-2026-25187: Privilege escalation vulnerabilities rated CVSS 7.8. - CVE-2026-21536: A critical remote code execution bug identified by an AI agent, marking a shift toward AI-driven vulnerability discovery. Additionally, Microsoft previously addressed nine browser vulnerabilities and issued an out-of-band update on March 2 for Windows Server 2022. Adobe has released updates for 80 vulnerabilities across its products, and Mozilla Firefox version 148.0.2 has resolved three high-severity CVEs.

Winsage

March 11, 2026

Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys

Microsoft is introducing passkey support for Microsoft Entra on Windows devices, enabling phishing-resistant, passwordless authentication through Windows Hello. The feature will be available on an opt-in basis in public preview from mid-March to late April 2026 for global tenants, with a subsequent rollout for government cloud environments from mid-April to mid-May. This feature extends passwordless sign-in to unmanaged Windows devices, reducing reliance on traditional password-based methods. Passkeys are device-bound, stored in the Windows Hello container, and cannot be synced across devices. IT administrators must enable the Passkeys (FIDO2) authentication method within Entra's Authentication Methods policies to participate in the public preview. Additionally, Microsoft announced that all new Microsoft accounts will be "passwordless by default" starting in May 2025, following the rollout of passkey authentication for personal accounts in 2024.

Winsage

March 5, 2026

Bitwarden now lets users log into Windows 11 using passkeys

Bitwarden has introduced a feature that allows Windows 11 users to log in using passkeys stored in their vaults, enhancing security by enabling phishing-resistant authentication at the operating system's login screen. Users can authenticate by scanning a QR code displayed on the Windows screen with the Bitwarden app on their mobile device, which verifies access to the stored passkey. This feature requires the Windows device to be joined to Microsoft Entra ID and for the organization to enable FIDO2 security key sign-in. Users must also register a passkey for their Entra ID profile stored in Bitwarden. The integration aims to improve security against cyber attacks targeting operating system authentication. Microsoft plans to roll out this passkey-based Windows login feature in March, depending on the organization's Microsoft Entra ID configuration, and it will be available across all Bitwarden plans, including the free tier.

Winsage

February 27, 2026

De-Enshittify Windows 11: Make Windows 11 More Secure ⭐

Windows 11 offers a mix of security and privacy features, with a recommendation for users to opt for a Copilot+ PC with a Qualcomm Snapdragon X-series processor for enhanced security. Most users log in with a Microsoft account, which provides benefits such as two-factor authentication, device-bound passkeys, account recovery options, and automatic disk encryption. However, using a local account poses security risks, including limited recovery options and lack of support for key security features. To secure Windows 11, users should take several steps during initial setup or later, including enabling Windows Security features, verifying device encryption, and enhancing sign-in security through Windows Hello options like facial and fingerprint recognition. Additional security features such as Controlled Folder Access and Smart App Control can be configured for better protection. Users are advised to remove unnecessary third-party security apps and keep Windows 11 and installed applications up-to-date to maintain security. Regular updates and proper configuration of Windows Update settings are also essential for preventing disruptions and ensuring data safety.

Tech Optimizer

February 15, 2026

Manage PostgreSQL Databases Directly in VS Code with Microsoft’s Extension

Microsoft's PostgreSQL extension for VS Code streamlines database management by allowing users to connect to databases, write and execute queries, visualize schemas, and engage with GitHub Copilot without switching applications. It includes Entra authentication for Azure Database for PostgreSQL, enhancing security. The extension features a @pgsql GitHub Copilot agent that assists with PostgreSQL tasks, enabling users to rewrite queries, clarify functions, and analyze performance metrics. The Copilot Chat Agent Mode allows for multi-step tasks like debugging and schema optimization, requiring user permission for database changes. Users can visualize database schemas, manage connections for local and cloud-hosted databases, and utilize context-aware IntelliSense for writing SQL queries. Additional features include a server dashboard, schema migration capabilities, and Docker support for local PostgreSQL instances. Users can install the extension from the VS Code Marketplace.

Winsage

January 30, 2026

Microsoft to disable NTLM by default in future Windows releases

Microsoft will disable the NTLM authentication protocol by default in the next major Windows Server release and associated Windows client versions. NTLM, introduced in 1993, has been vulnerable to various cyberattacks, including NTLM relay and pass-the-hash attacks. The transition plan includes three phases: enhanced auditing tools in Windows 11 24H2 and Windows Server 2025, new features like IAKerb and a Local Key Distribution Center in late 2026, and eventually disabling network NTLM by default in future releases. NTLM will remain in the operating system but will not be used automatically. Microsoft deprecated NTLM authentication in July 2024 and has encouraged developers to transition to Kerberos or Negotiation authentication.

Winsage

December 29, 2025

Microsoft Adds Sudo to Windows 11 24H2 for Seamless Elevated Commands

Microsoft has introduced the sudo command in Windows 11 version 24H2, allowing users to execute commands with elevated privileges directly from a standard command prompt or PowerShell window. Users can enable this feature via Settings under System > For Developers. Sudo can run commands in three modes: “in a new window,” “with input disabled,” and “inline.” The inline mode runs the elevated command in the same console session, preserving context and variables. Microsoft has open-sourced the project on GitHub, inviting community contributions. Sudo integrates with User Account Control (UAC) for security, ensuring every elevation request is vetted. It simplifies administrative tasks for software engineers and system administrators, particularly in corporate environments where full admin access is restricted. The feature works seamlessly in Windows Terminal and supports Azure integrations. While some users have reported compatibility issues, Microsoft emphasizes that sudo is a developer tool rather than a complete replacement for Linux's sudo. Future developments may include community-driven extensions and integration with Windows Subsystem for Linux (WSL).