*For this entry exists the more relevant or more recent entry MC1282568
check before: 2026-03-31
Product:
Entra, Microsoft 365 Apps, Windows
Platform:
Mac, Online, US Instances, World tenant
Status:
Change type:
Admin impact, New feature, Updated message, User impact
Links:
Details:
Summary:
Microsoft Entra passkeys on Windows enable phishing-resistant, passwordless sign-in using Windows Hello on both managed and unmanaged devices. Public preview runs from late March to May 2026. Organizations must opt in and configure passkey policies; existing security policies remain unchanged. No compliance issues identified.
Details:
Updated March 18, 2026: We have updated the timeline. Thank you for your patience.
[Introduction]
We're introducing Microsoft Entra passkeys on Windows to enable phishing-resistant sign-in to Entra-protected resources. This update allows users to create device-bound passkeys stored in the Windows Hello container and authenticate using Windows Hello methods (face, fingerprint, or PIN). It also expands passwordless authentication to Windows devices that aren't Entra-joined or registered, helping organizations strengthen security and reduce reliance on passwords.
[When this will happen]
Public preview:
Worldwide: Late March 2026 to late April 2026
GCC: Late April 2026 to late May 2026
GCC High: Late April 2026 to late May 2026
DoD: Late April 2026 to late May 2026
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2026-03-17
updated:
2026-04-17
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Please, look at the most relevant linked item for details
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2026-03-19 | MC MessageTagNames | New feature, User impact, Admin impact | Updated message, New feature, User impact, Admin impact |
| 2026-03-19 | MC Summary | Microsoft Entra passkeys on Windows enable phishing-resistant, passwordless sign-in using Windows Hello on Entra-protected resources, including unmanaged devices. Public preview starts mid-March 2026. Organizations must opt in and configure policies to enable this feature; no impact occurs without activation. | Microsoft Entra passkeys on Windows enable phishing-resistant, passwordless sign-in using Windows Hello on both managed and unmanaged devices. Public preview runs from late March to May 2026. Organizations must opt in and configure passkey policies; existing security policies remain unchanged. No compliance issues identified. |
| 2026-03-19 | MC Last Updated | 03/09/2026 23:24:40 | 2026-03-19T00:06:48Z |
| 2026-03-19 | MC Messages | [Introduction]
We're introducing Microsoft Entra passkeys on Windows to enable phishing-resistant sign-in to Entra-protected resources. This update allows users to create device‑bound passkeys stored in the Windows Hello container and authenticate using Windows Hello methods (face, fingerprint, or PIN). It also expands passwordless authentication to Windows devices that aren't Entra‑joined or registered, helping organizations strengthen security and reduce reliance on passwords. [When this will happen] Public preview: Rolling out from mid-March 2026 through late April 2026 General Availability Worldwide: Mid‑March 2026 to mid‑April 2026 GCC: Mid-April 2026 to mid-May 2026 GCC High: Mid-April 2026 to mid-May2026 DoD: Mid-April 2026 to Mid-May 2026 | Updated March 18, 2026: We have updated the timeline. Thank you for your patience.
[Introduction] We're introducing Microsoft Entra passkeys on Windows to enable phishing-resistant sign-in to Entra-protected resources. This update allows users to create device‑bound passkeys stored in the Windows Hello container and authenticate using Windows Hello methods (face, fingerprint, or PIN). It also expands passwordless authentication to Windows devices that aren't Entra‑joined or registered, helping organizations strengthen security and reduce reliance on passwords. [When this will happen] Public preview: Worldwide: Late March 2026 to late April 2026 GCC: Late April 2026 to late May 2026 GCC High: Late April 2026 to late May 2026 DoD: Late April 2026 to late May 2026 |
| 2026-03-19 | MC Title | Microsoft Entra passkeys on Windows now support phishing-resistant sign-in | (Updated) Microsoft Entra passkeys on Windows now support phishing-resistant sign-in |
| 2026-03-19 | MC End Time | 05/30/2026 09:00:00 | 2026-06-29T09:00:00Z |
Last updated 2 days ago ago
