passwordless authentication Archives

Winsage

April 24, 2026

Microsoft to roll out Entra passkeys on Windows in late April

Microsoft will introduce passkey support for phishing-resistant passwordless authentication on Microsoft Entra-protected resources starting in late April, with broader availability expected by mid-June 2026. This feature will allow passwordless sign-in on unmanaged Windows devices and will support various device types, including corporate, personal, and shared options. Administrators can manage passkeys through Conditional Access and Authentication Methods policies. Users can create device-bound passkeys stored securely within the Windows Hello container, using methods like facial recognition, fingerprint scanning, or a PIN. The passkeys will adhere to FIDO2 standards and will be securely bound to individual devices, preventing transmission over the network to enhance security against phishing and malware attacks. Microsoft has also announced plans for mandatory multifactor authentication registration for Entra tenants by October 2024 and that all new accounts will be passwordless by default starting in May 2025.

Tech Optimizer

April 21, 2026

Gen Digital Inc stock (US36870C1018): Is its cybersecurity moat strong enough for steady investor re

Gen Digital Inc operates a consumer-focused cybersecurity model centered on subscription-based protection services, including antivirus, VPNs, and identity theft protection. The company generates predictable revenue through auto-renewals, with over 90% of customers renewing annually. Its business model scales with internet penetration and focuses on individual users rather than enterprise contracts. Gen Digital emphasizes organic growth through product innovation and geographic expansion, with key growth drivers including the increase of connected devices and cloud-based delivery. The product portfolio features tiered subscription plans, catering to diverse consumer needs, and the company maintains a competitive position through superior detection rates and customer support. Gen Digital's primary markets are North America and Europe, with emerging opportunities in Latin America and Asia. Analysts view the subscription model favorably for its resilience and cash flow generation, while risks include competition from free tools and regulatory changes. Upcoming earnings will provide insights into subscriber trends and pricing power.

Tech Optimizer

April 19, 2026

Avast Antivirus: Between Free Tier Strength and Privacy Risks, Things Are Getting Interesting

Avast Antivirus offers free protection against malware, phishing, and unsafe websites, featuring real-time scanning, ransomware protection, and a behavior-based detection system. The free edition includes protective shields for files, emails, and web browsing, while Avast Premium Security provides advanced ransomware defense and a secure browser. Avast One bundles additional features like a VPN and parental controls. Gen Digital acquired Avast in 2022, positioning it as a key part of its consumer cybersecurity strategy, with a freemium model that attracts users and encourages upgrades to premium plans. Avast has a user base of 435 million, with millions transitioning to paid subscriptions annually. The global antivirus market is experiencing double-digit growth, driven by increasing cyber threats. Avast competes with major players like Norton, Bitdefender, and Kaspersky, while facing challenges from free alternatives like Windows Defender. The company previously faced privacy issues related to the sale of anonymized browsing data but has since implemented transparency measures and compliance with EU regulations. Avast is exploring AI-driven detection methods and post-quantum defenses to enhance its offerings.

Winsage

March 12, 2026

Microsoft Introduces Phishing-Resistant Windows Sign-Ins With Entra Passkeys

Microsoft will introduce phishing-resistant passwordless authentication through passkeys for Windows devices, integrated with Microsoft Entra. This feature is expected to enter public preview between mid-March and late April 2026 for global tenants, while government cloud environments will receive the update from mid-April to mid-May. Users can access Entra-protected resources using device-bound passkeys stored securely within Windows Hello, allowing authentication through biometric or local verification methods. This update expands passwordless authentication to unmanaged or personal Windows devices. Passkeys utilize public-key cryptography, enhancing security by storing a private key on the device and registering a matching public key with the service. Each passkey is uniquely associated with a specific device and cannot be exported or synchronized. Organizations must enable the Passkeys (FIDO2) authentication method in Entra for the preview. This initiative is part of Microsoft's broader strategy to eliminate passwords, responding to rising cybersecurity concerns related to password-based authentication.

Winsage

March 11, 2026

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. has released security updates addressing at least 77 vulnerabilities across its Windows operating systems and various software applications. Key vulnerabilities include: - CVE-2026-21262: Allows an attacker to elevate privileges on SQL Server 2016 and later, with a CVSS v3 base score of 8.8. - CVE-2026-26127: Affects applications running on .NET, potentially leading to denial of service. - CVE-2026-26113 and CVE-2026-26110: Remote code execution flaws in Microsoft Office exploitable by viewing malicious messages in the Preview Pane. - CVE-2026-24291, CVE-2026-24294, CVE-2026-24289, and CVE-2026-25187: Privilege escalation vulnerabilities rated CVSS 7.8. - CVE-2026-21536: A critical remote code execution bug identified by an AI agent, marking a shift toward AI-driven vulnerability discovery. Additionally, Microsoft previously addressed nine browser vulnerabilities and issued an out-of-band update on March 2 for Windows Server 2022. Adobe has released updates for 80 vulnerabilities across its products, and Mozilla Firefox version 148.0.2 has resolved three high-severity CVEs.

Winsage

March 11, 2026

Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys

Microsoft is introducing passkey support for Microsoft Entra on Windows devices, enabling phishing-resistant, passwordless authentication through Windows Hello. The feature will be available on an opt-in basis in public preview from mid-March to late April 2026 for global tenants, with a subsequent rollout for government cloud environments from mid-April to mid-May. This feature extends passwordless sign-in to unmanaged Windows devices, reducing reliance on traditional password-based methods. Passkeys are device-bound, stored in the Windows Hello container, and cannot be synced across devices. IT administrators must enable the Passkeys (FIDO2) authentication method within Entra's Authentication Methods policies to participate in the public preview. Additionally, Microsoft announced that all new Microsoft accounts will be "passwordless by default" starting in May 2025, following the rollout of passkey authentication for personal accounts in 2024.

Winsage

March 5, 2026

Bitwarden now lets users log into Windows 11 using passkeys

Bitwarden has introduced a feature that allows Windows 11 users to log in using passkeys stored in their vaults, enhancing security by enabling phishing-resistant authentication at the operating system's login screen. Users can authenticate by scanning a QR code displayed on the Windows screen with the Bitwarden app on their mobile device, which verifies access to the stored passkey. This feature requires the Windows device to be joined to Microsoft Entra ID and for the organization to enable FIDO2 security key sign-in. Users must also register a passkey for their Entra ID profile stored in Bitwarden. The integration aims to improve security against cyber attacks targeting operating system authentication. Microsoft plans to roll out this passkey-based Windows login feature in March, depending on the organization's Microsoft Entra ID configuration, and it will be available across all Bitwarden plans, including the free tier.

Winsage

February 27, 2026

De-Enshittify Windows 11: Make Windows 11 More Secure ⭐

Windows 11 offers a mix of security and privacy features, with a recommendation for users to opt for a Copilot+ PC with a Qualcomm Snapdragon X-series processor for enhanced security. Most users log in with a Microsoft account, which provides benefits such as two-factor authentication, device-bound passkeys, account recovery options, and automatic disk encryption. However, using a local account poses security risks, including limited recovery options and lack of support for key security features. To secure Windows 11, users should take several steps during initial setup or later, including enabling Windows Security features, verifying device encryption, and enhancing sign-in security through Windows Hello options like facial and fingerprint recognition. Additional security features such as Controlled Folder Access and Smart App Control can be configured for better protection. Users are advised to remove unnecessary third-party security apps and keep Windows 11 and installed applications up-to-date to maintain security. Regular updates and proper configuration of Windows Update settings are also essential for preventing disruptions and ensuring data safety.

Winsage

November 27, 2025

Microsoft Security Keys May Require PIN After Recent Windows Updates

Microsoft announced an update for FIDO2 security keys on Windows 11, introducing a new prompt for users to set up a PIN during authentication. The rollout began with preview update KB5065789 on September 29, 2025, for OS Builds 26200.6725 and 26100.6725, and was completed with security update KB5068861 on November 11, 2025, for OS Builds 26200.7171 and 26100.7171. This update affects sign-ins where a Relying Party (RP) or Identity Provider (IDP) requests User Verification set to “Preferred” for keys without a PIN, in accordance with WebAuthn specifications. Users must now set up a PIN during authentication flows, not just during registration. To avoid PIN prompts, RPs or IDPs can set “userVerification” to “discouraged.” There is no option to roll back the changes.

Winsage

November 26, 2025

Microsoft: Security keys may prompt for PIN after recent updates

Microsoft issued a notice to users about a new behavior related to FIDO2 security keys following Windows updates since the September 2025 preview update. This change affects devices on Windows 11 versions 24H2 or 25H2, where users may be prompted to enter a PIN during authentication. The adjustment aligns with WebAuthn specifications, which outline protocols for authentication methods, including PINs and biometrics. User verification can be categorized as discouraged, preferred, or required, with "preferred" necessitating a PIN setup if supported by the authenticator. The rollout began after the KB5065789 preview update and was completed with the November KB5068861 security update. Microsoft stated that after installing the September 29, 2025 update, users might need to create a PIN to sign in with a security key, even if it was not required during initial registration. This behavior occurs when a Relying Party or Identity Provider requests User Verification = Preferred during authentication with a FIDO2 security key lacking a PIN. Organizations can opt to adjust the user verification setting to "discouraged" if they do not want to require users to create or enter PINs. FIDO2 security keys enable passwordless authentication by requiring the physical presence of a USB, NFC, or Bluetooth token, gaining popularity as organizations seek to reduce risks associated with traditional passwords.