嗯,用户让我总结一下这篇文章的内容,控制在100字以内,而且不需要用“文章内容总结”之类的开头。首先,我需要仔细阅读文章,抓住主要信息。 文章主要讲的是微软在Windows设备上推出Passkey支持,通过Windows Hello实现无密码登录。这个功能是可选的,从2026年3月中旬开始进入公开预览阶段,持续到4月底。政府云环境则稍晚一些。 另外,这个功能还扩展到了未加入或注册的Windows设备,弥补了之前的空白。生成的Passkey与设备绑定,不会在网络上传输,这样可以防止钓鱼攻击和恶意软件窃取。 微软还提到每个Entra账户会在每个设备上注册自己的Passkey,多个账户可以在同一台机器上共存。但Passkey不能在设备间同步,所以每个账户都需要单独注册。 总结的时候要包括这些关键点:Passkey支持、Windows Hello、无密码登录、公开预览时间、覆盖范围以及安全性。同时要控制在100字以内。 最后检查一下有没有遗漏的重要信息,比如政府云环境的时间安排和未管理设备的支持。确保语言简洁明了。 </think> 微软为Windows设备推出基于Microsoft Entra的Passkey支持,通过Windows Hello实现抗钓鱼的无密码登录。该功能从2026年3月中旬起进入全球公开预览,并扩展至未管理的Windows设备。生成的Passkey与设备绑定,无法在网络传输或同步。 2026-3-10 15:31:15 Author: www.bleepingcomputer.com(查看原文) 阅读量:1 收藏
Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello.
The feature is opt-in and will enter public preview from mid-March through late April 2026 for worldwide tenants. Government cloud environments (GCC, GCC High, and DoD) follow with mid-April through mid-May rollout windows.
Notably, this also extends passwordless sign-in to unmanaged Windows devices, a gap that previously left personal and shared devices relying on password-based authentication.
"We're introducing Microsoft Entra passkeys on Windows to enable phishing-resistant sign-in to Entra-protected resources. This update allows users to create device‑bound passkeys stored in the Windows Hello container and authenticate using Windows Hello methods (face, fingerprint, or PIN)," Microsoft explains on the Microsoft 365 message center.
"It also expands passwordless authentication to Windows devices that aren't Entra‑joined or registered, helping organizations strengthen security and reduce reliance on passwords."
The generated passkeys are cryptographically bound to the device and never transmitted over the network, so threat actors can't steal them in phishing or malware attacks to circumvent multi-factor authentication.
Microsoft added that each Entra account will register its own passkey per device, and multiple accounts can coexist on a single machine. However, passkeys are device‑bound and cannot be synced across devices, so each Entra account will require separate registration.
To enroll in the public preview, IT administrators must enable the Passkeys (FIDO2) authentication method in Entra's Authentication Methods policies, create a passkey profile with the required Windows Hello AAGUIDs, and assign it to the appropriate groups.
Microsoft announced in May 2025 that all new Microsoft accounts will be "passwordless by default" to secure them against phishing, brute-force, and credential-stuffing attacks.
One year earlier, it rolled out support for passkey authentication for personal Microsoft accounts, after adding a built-in passkey manager for Windows Hello with the Windows 11 22H2 feature update.
Red Report 2026: Why Ransomware Encryption Dropped 38%
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.
Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
如有侵权请联系:admin#unsafe.sh