Blog Post

Microsoft Entra Blog
5 MIN READ

New user experience for consumer authentication

Robin Goldstein's avatar
Robin Goldstein
Former Employee
Mar 26, 2025

Microsoft is rolling out a new sign in experience for over 1 billion end users. What we learn can help to improve sign-in for all Microsoft customers.

Hello friends,  Today, I’m excited to share that we’re making authentication more modern, simple, and secure for over a billion Microsoft accounts. People around the world use Microsoft accounts to...
Updated Mar 26, 2025
Version 2.0
microsoft 365
Robin Goldstein's avatar
Former Employee
Joined September 28, 2018
View Profile
Microsoft Entra Blog
Stay informed on how to secure access for employees, customers, and non-human identities, from anywhere, to multicloud and on-premises resources, with comprehensive identity and network access solutions powered by AI.
Robin Goldstein's avatar
Robin Goldstein
Former Employee
Apr 03, 2025

shommes Thanks for reading our update. We care deeply about customer experience and will continue to invest with user feedback and data as a guide. The user research referenced in the post is based on observing users who must use passwords v users who decide to use passkeys instead. Device pins and faceID's do not sync to the cloud. Customers who have passwords on their accounts are welcome to keep using them, we are not deleting passwords or data as a part of these changes. Thanks!

shommes's avatar
shommes
Copper Contributor
May 03, 2025

"Device pins and faceID's do not sync to the cloud."

That's not the point. The point is that requiring me to store biometric data on my device means it can be stolen (and become the victim of identity theft) when I shouldn't have to use it to begin with.

  1. The login experience is optimized for people who log in without passwords instead of being optimized for the method someone actually uses. That is hostile design. I shouldn't have to click through all the passkey nonsense because you can't be bothered to optimize for passwords. You are designing the login experience to be hostile to password users on purpose hoping to convince people to switch to another method when you should be designing with the user's preference at the core.
  2. We now also have reports that new accounts will no longer support passwords starting in June 2025. Again, hostile design. We should be able to log in normally.
  3. The reliance on passwordless has accessibility issues for people who can't use faceID or fingerprints.

It is clear to me that Microsoft only cares about people who agree with their current approach to "security". Unless something changes drastically, I will switch to Linux when Windows 10 is unceremoniously slaughtered in October. At that point there is nothing left to stick around for: just an inferior OS stuffed with AI spyware and an inferior login method that isn't securing any account data and actively tries to lock out the user who should have access.