passwordless authentication Archives

Winsage

March 11, 2026

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. has released security updates addressing at least 77 vulnerabilities across its Windows operating systems and various software applications. Key vulnerabilities include: - CVE-2026-21262: Allows an attacker to elevate privileges on SQL Server 2016 and later, with a CVSS v3 base score of 8.8. - CVE-2026-26127: Affects applications running on .NET, potentially leading to denial of service. - CVE-2026-26113 and CVE-2026-26110: Remote code execution flaws in Microsoft Office exploitable by viewing malicious messages in the Preview Pane. - CVE-2026-24291, CVE-2026-24294, CVE-2026-24289, and CVE-2026-25187: Privilege escalation vulnerabilities rated CVSS 7.8. - CVE-2026-21536: A critical remote code execution bug identified by an AI agent, marking a shift toward AI-driven vulnerability discovery. Additionally, Microsoft previously addressed nine browser vulnerabilities and issued an out-of-band update on March 2 for Windows Server 2022. Adobe has released updates for 80 vulnerabilities across its products, and Mozilla Firefox version 148.0.2 has resolved three high-severity CVEs.

Winsage

March 11, 2026

Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys

Microsoft is introducing passkey support for Microsoft Entra on Windows devices, enabling phishing-resistant, passwordless authentication through Windows Hello. The feature will be available on an opt-in basis in public preview from mid-March to late April 2026 for global tenants, with a subsequent rollout for government cloud environments from mid-April to mid-May. This feature extends passwordless sign-in to unmanaged Windows devices, reducing reliance on traditional password-based methods. Passkeys are device-bound, stored in the Windows Hello container, and cannot be synced across devices. IT administrators must enable the Passkeys (FIDO2) authentication method within Entra's Authentication Methods policies to participate in the public preview. Additionally, Microsoft announced that all new Microsoft accounts will be "passwordless by default" starting in May 2025, following the rollout of passkey authentication for personal accounts in 2024.

Winsage

March 5, 2026

Bitwarden now lets users log into Windows 11 using passkeys

Bitwarden has introduced a feature that allows Windows 11 users to log in using passkeys stored in their vaults, enhancing security by enabling phishing-resistant authentication at the operating system's login screen. Users can authenticate by scanning a QR code displayed on the Windows screen with the Bitwarden app on their mobile device, which verifies access to the stored passkey. This feature requires the Windows device to be joined to Microsoft Entra ID and for the organization to enable FIDO2 security key sign-in. Users must also register a passkey for their Entra ID profile stored in Bitwarden. The integration aims to improve security against cyber attacks targeting operating system authentication. Microsoft plans to roll out this passkey-based Windows login feature in March, depending on the organization's Microsoft Entra ID configuration, and it will be available across all Bitwarden plans, including the free tier.

Winsage

February 27, 2026

De-Enshittify Windows 11: Make Windows 11 More Secure ⭐

Windows 11 offers a mix of security and privacy features, with a recommendation for users to opt for a Copilot+ PC with a Qualcomm Snapdragon X-series processor for enhanced security. Most users log in with a Microsoft account, which provides benefits such as two-factor authentication, device-bound passkeys, account recovery options, and automatic disk encryption. However, using a local account poses security risks, including limited recovery options and lack of support for key security features. To secure Windows 11, users should take several steps during initial setup or later, including enabling Windows Security features, verifying device encryption, and enhancing sign-in security through Windows Hello options like facial and fingerprint recognition. Additional security features such as Controlled Folder Access and Smart App Control can be configured for better protection. Users are advised to remove unnecessary third-party security apps and keep Windows 11 and installed applications up-to-date to maintain security. Regular updates and proper configuration of Windows Update settings are also essential for preventing disruptions and ensuring data safety.

Winsage

November 27, 2025

Microsoft Security Keys May Require PIN After Recent Windows Updates

Microsoft announced an update for FIDO2 security keys on Windows 11, introducing a new prompt for users to set up a PIN during authentication. The rollout began with preview update KB5065789 on September 29, 2025, for OS Builds 26200.6725 and 26100.6725, and was completed with security update KB5068861 on November 11, 2025, for OS Builds 26200.7171 and 26100.7171. This update affects sign-ins where a Relying Party (RP) or Identity Provider (IDP) requests User Verification set to “Preferred” for keys without a PIN, in accordance with WebAuthn specifications. Users must now set up a PIN during authentication flows, not just during registration. To avoid PIN prompts, RPs or IDPs can set “userVerification” to “discouraged.” There is no option to roll back the changes.

Winsage

November 26, 2025

Microsoft: Security keys may prompt for PIN after recent updates

Microsoft issued a notice to users about a new behavior related to FIDO2 security keys following Windows updates since the September 2025 preview update. This change affects devices on Windows 11 versions 24H2 or 25H2, where users may be prompted to enter a PIN during authentication. The adjustment aligns with WebAuthn specifications, which outline protocols for authentication methods, including PINs and biometrics. User verification can be categorized as discouraged, preferred, or required, with "preferred" necessitating a PIN setup if supported by the authenticator. The rollout began after the KB5065789 preview update and was completed with the November KB5068861 security update. Microsoft stated that after installing the September 29, 2025 update, users might need to create a PIN to sign in with a security key, even if it was not required during initial registration. This behavior occurs when a Relying Party or Identity Provider requests User Verification = Preferred during authentication with a FIDO2 security key lacking a PIN. Organizations can opt to adjust the user verification setting to "discouraged" if they do not want to require users to create or enter PINs. FIDO2 security keys enable passwordless authentication by requiring the physical presence of a USB, NFC, or Bluetooth token, gaining popularity as organizations seek to reduce risks associated with traditional passwords.

Winsage

November 13, 2025

Windows 11 now supports 3rd-party apps for native passkey management

Microsoft has introduced native support for third-party passkey managers on Windows 11, including 1Password and Bitwarden, as part of a collaborative effort that resulted in a passkey API. This feature was rolled out with the November 2025 security update. Passkeys adhere to FIDO2/WebAuthn standards and utilize private-public key cryptography, eliminating traditional passwords. Windows generates a key pair upon registration on a passkey-enabled site, storing the private key securely. Users verify their identity using Windows Hello, which enhances security through PIN and biometric authentication. The integration allows for synchronization across Windows devices when signed into Edge with the same Microsoft account, with security measures including Azure Managed Hardware Security Modules and Azure Confidential Compute. Microsoft Edge version 142 and later introduced passkey saving and syncing capabilities, and Bitwarden launched its “Log in with Passkeys” feature in January 2024. Bitwarden's integration with Windows 11 is currently in beta.

Winsage

July 22, 2025

Forrester study reveals Windows 365 Link enhances productivity and security, projects ROI up to 195%

Shared PCs have challenges in security, compliance, and IT support due to the lack of individual logins. Windows 365 Link, launched in April 2025, aims to address these issues by providing a secure, cloud-powered Windows experience for shared environments. A Forrester study commissioned by Microsoft indicates that implementing Windows 365 Link can yield a return on investment of up to 195% over six years for organizations with 2,000 employees and 500 contractors. The projected financial benefits include: - End-user productivity gains: 22%-30% of unproductive time saved, translating to .4 million – .3 million. - Strengthened security: Savings of .5 million – .7 million from devices without local data and passwordless authentication. - Reduced hardware costs: Savings of .8 million – .2 million over six years by transitioning from traditional desktops. - IT time savings: Up to 90% savings on provisioning and decommissioning tasks, amounting to .9 million – .5 million. - Accelerated onboarding: Savings of ,000 – ,000 from faster onboarding of new desk-based workers. Users reported significant improvements in productivity, security, and cost-effectiveness with Windows 365 Link, citing reduced setup times and enhanced operational efficiency. The device is managed via Microsoft Intune, enhancing security by eliminating local administrators. Windows 365 Link is expected to be more cost-effective than traditional laptops or desktops, with an extended lifecycle. Availability is expanding to new markets, including Denmark, France, India, the Netherlands, Sweden, and Switzerland later this year.

Winsage

June 28, 2025

Microsoft is testing tighter integration with 1Password’s passkeys in Windows.

Microsoft is integrating 1Password’s passkeys within the Windows ecosystem to enhance user experience. This feature is currently in the testing phase and is available to Windows Insiders in the Dev Channel who install the beta version of 1Password.

Tech Optimizer

May 15, 2025

Neon Serverless Postgres: Azure Native Integration Now Available

Microsoft and Neon have launched Neon Serverless Postgres as a native integration within the Azure ecosystem, following its initial preview in December 2024. This open-source, serverless database solution is positioned as an alternative to AWS Aurora Postgres. Key features include automatic scaling, branching capabilities, direct database connection from Azure, Azure CLI and SDK support, and Semantic Kernel integration for RAG pipelines. Microsoft has invested millions in Neon as part of a broader funding round to enhance collaboration. Neon’s platform includes autoscaling, branching, and point-in-time restore capabilities, specifically designed for AI applications. EnterpriseDB has appointed Nancy Hensley as Chief Product Officer to lead growth for its EDB Postgres AI platform, which supports various workloads and modernizes legacy systems. Additionally, companies are increasingly adopting passwordless authentication methods, with MojoAuth offering solutions that integrate into applications to enhance security and user experience.