Microsoft can’t get enough of Copilot in Windows. The OS shoves it in your face every chance it gets—in your taskbar, your Start menu, your keyboard. And while Copilot might actually be useful in certain situations, Windows 11 has received a ton of new features that are far more useful.
Windows 11’s latest update quietly added several great features, including passkey integration. It’s a far better and more secure way of logging into your accounts, and a far better feature to use than Copilot.
Why passwords are still a nightmare
The weakest link in security still rules our digital lives
I’m tired of passwords, and I know you probably share the feeling. Not only are passwords difficult to remember, manage, and create with all the new rules each website decides to impose, but they’re also fundamentally flawed.
Passwords are vulnerable to phishing attacks, where scammers trick you into typing them into fake websites. They’re vulnerable to brute force attacks where hackers just try thousands of combinations. They get stolen in data breaches regularly. No matter how strong a password you create, it’s always one mistake away from being stolen. Even your family PC could leak your saved passwords.
Sure, there are password managers that can make your life easy by storing passwords and autofilling them when needed. However, even they can fail, and I’ve stopped trusting password managers after the numerous breaches that even mainstream password managers have suffered. And please stop using your browser’s password manager if you still are.
What are passkeys, and why are they important
Goodbye passwords, hello biometrics
Simply put, a passkey is a modern, cryptographic way to prove you are who you claim to be—without ever needing to remember or type a password again. Instead of relying on something you know, like a password, passkeys use something you have (such as your phone) and something you are (your biometrics, like your fingerprint or face).
This not only makes passkeys significantly safer than passwords, but also much more convenient to use. They’re generated in public-private key pairs. The domain or website you’re creating an account for holds the public key, and your device holds the private one—the key that proves your identity—never to leave its local storage.
Passkeys are also bound to the specific domain they’re created for. They won’t work anywhere else. This makes them immune to phishing, one of the most common causes of password theft.
Windows 11 makes passkeys painless
Microsoft is quietly nailing the authentication experience
On Windows 11, you can use Windows Hello for passkeys. Windows Hello controls your device’s unlock mechanisms, like biometrics or PINs, and lets you use them as passkeys. You can use these passkeys with any applications or websites that support them.
Starting with Windows 11, version 22H2 with KB5030310, Windows also provides a native passkey management interface. Setting up a passkey is also surprisingly simple. When you visit a website that supports passkeys and, increasingly, the major ones do, you’ll be prompted to create one. Just use any of your available Windows Hello authentication methods to confirm your identity, and Windows will automatically create a passkey.
The next time you visit that website, you don’t type anything. You just confirm your identity using Windows Hello again, a quick face scan or fingerprint, and you’re logged in. No password field, no typing, no remembering anything.
Windows 11 also claims that it can sync your passkeys across multiple PCs if you use the same Microsoft account. These passkeys stay encrypted and are protected by your device’s TPM (Trusted Platform Module) and your Windows Hello settings. That said, I haven’t tested this feature and don’t intend to. Your passkeys should remain local and device-specific, instead of being synced and going through the cloud.
Aside from the security benefits of using a passkey, there’s also the convenience factor. Creating passwords, resetting them, waiting for password recovery keys, typing them in, and saving them in password managers are all hassles that disappear when you switch to passkeys.
Microsoft is pushing this hard because it seemingly understands something important: security only wins if people actually use it. We’ve created password systems so inconvenient that people do ridiculous things like reusing passwords or writing them on Post-it notes. Passkeys bring convenience without compromising security, which makes an excellent case for mass adoption.
A faster, safer way to sign in—no passwords required
Once you switch, you’ll never want to type a password again
Passkeys aren’t everywhere yet, and you’re still going to be typing passwords for the foreseeable future. However, bigger websites and services are constantly adding support for passkeys, and it’s best if you use them wherever possible.
Copilot might write you an email, but passkeys actually protect your identity and save you every single day. And if that isn’t one of the most useful features you could have on an OS used by the majority of computer users around the world, I don’t know what is.