Describe your service/platform/product and how it’s using FIDO authentication.

Microsoft Account (MSA) powers consumer-facing experiences across services like Xbox, Microsoft 365, Copilot, and more. In 2023, Microsoft began rolling out passkey support across these services, allowing users to sign in with a face, fingerprint, or device PIN instead of a password. By integrating FIDO credentials, we made it easier, faster, and significantly more secure for over a billion users accessing their Microsoft accounts, by removing the need for passwords.

What were the challenges you were trying to overcome?

We set out to solve three major challenges:

Security: Passwords are inherently insecure and highly vulnerable to phishing and brute force attacks. In 2024, we observed more than 7,000 password attacks per second.

User experience: Passwords are frustrating—users forget them, reuse them, or mistype them. We wanted a sign-in experience that users could succeed at the first time, every time.

Adoption at scale: We needed a solution that could work across devices and platforms while meeting high usability expectations for a global user base.

Why did you choose FIDO authentication over other options? What did you identify as advantages of implementing FIDO?

FIDO credentials offer the ideal combination of security, usability, and interoperability. They are resistant to phishing and credential theft, and they eliminate the need for shared secrets like passwords. FIDO credentials also enable seamless cross-device and cross-platform experiences—critical for consumer use cases. In testing, we found that passkeys delivered both improved security and a dramatically better user experience.

Describe your roll out of FIDO authentication.

Microsoft took a phased approach. We started by enabling passkeys for MSA sign-ins across consumer services like Xbox and Copilot. From there, we made UX changes to prioritize passwordless options. New Microsoft Accounts are now passwordless by default, and existing users are guided to enroll a passkey during or after sign-in. Throughout this process, we have worked closely with platform partners like Apple and Google, and continued our long-standing collaboration with the FIDO Alliance to ensure our approach aligns with industry standards. For a more detailed look at our approach, refer to “Convincing a billion users to love passkeys: UX design insights from Microsoft to boost adoption and security.”

What data points can you share that show the impact FIDO authentication has had?

The impact has been significant:

  • We now see over one million passkeys registered every day.
  • Users signing in with passkeys are three times more successful (95% success rate vs. 30% for passwords).
  • Passkey sign-ins are eight times faster than traditional password + MFA flows.
  • Our passwordless-preferred UX has already reduced password use by over 20%.

These results confirm that FIDO authentication improves security, boosts user satisfaction, and reduces operational burdens like password resets and support calls.