Vinithra Rajendran, Author at Microsoft Edge Blog https://blogs.windows.com/msedgedev Official blog of the Microsoft Edge Web Platform Team Mon, 03 Nov 2025 16:58:57 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.4 https://winblogs.thesourcemediaassets.com/sites/33/2021/06/cropped-browser-icon-logo-32x32.jpg Vinithra Rajendran, Author at Microsoft Edge Blog https://blogs.windows.com/msedgedev 32 32 Microsoft Edge introduces passkey saving and syncing with Microsoft Password Manager https://blogs.windows.com/msedgedev/2025/11/03/microsoft-edge-introduces-passkey-saving-and-syncing-with-microsoft-password-manager/ https://blogs.windows.com/msedgedev/2025/11/03/microsoft-edge-introduces-passkey-saving-and-syncing-with-microsoft-password-manager/#respond Mon, 03 Nov 2025 16:58:57 +0000 https://blogs.windows.com/msedgedev/?p=26101 We're thrilled to share that passkeys can now be securely saved and synced across your Windows desktop devices using Microsoft Password Manager in Edge. This update makes signing in easier and safer. Here's how it works and why passkeys are the smart

The post Microsoft Edge introduces passkey saving and syncing with Microsoft Password Manager appeared first on Microsoft Edge Blog.

]]> What are passkeys? Passkeys are a simpler and more secure way to sign in to your apps and websites without needing a password. Instead of typing a password, you authenticate using your device's built-in security, like a fingerprint, facial recognition, or a PIN. Passkeys are built on the Fast IDentity Online 2 (FIDO2) open standard, which uses public-key cryptography to securely sign you in. Your account stores a unique private key safely specific to a website, while the website only keeps a public key. This means that even if a website suffers a data breach, your account stays safe. https://www.youtube.com/watch?v=je-CtqdQNLc

Why should I use passkeys?

Passkeys are becoming the future of online security. Stronger security:
  • Passkeys can't be guessed or reused like passwords.
  • They're resistant to phishing and credential stuffing attacks.
Faster and simpler way to sign in:
  • No need to remember complex passwords or type them manually.
  • Just use your fingerprint, face scan, or device PIN to sign in.
Seamless across devices:
  • Passkeys sync securely via your Microsoft account and are currently available on Windows devices – with planned future availability on additional platforms.
Privacy-first by design:
  • Your biometric data is processed locally on your device.
  • Websites only get a cryptographic proof that you are you.

How can I use passkeys in Microsoft Edge?

You can store passkeys in Microsoft Password Manager in Edge. This is currently supported on Windows, with planned future availability on additional platforms. Passkeys are stored in your Microsoft account and protected by a Microsoft Password Manager PIN, which you'll setup while creating passkey for the very first time. When you visit a site which supports passkeys, you'll be asked if you'd like to create a passkey in Microsoft Password Manager. The created passkey gets saved in Microsoft Password Manager and can be used to login to the specific website by simply performing your preferred way of device authentication such as fingerprint, facial recognition, or PIN code. While syncing passkeys on subsequent devices, you'll be asked to verify yourself by providing the Microsoft Password Manager PIN that you created before to unlock your passkeys on the new device.

Ready to try passkeys?

Whenever you see the Create a passkey prompt, give it a try! It's the easiest way to make your online life simpler and more secure. Pre-requisites:
  • Windows device (version 10 and above)
  • Microsoft Edge (version 142 and above)
  • Microsoft account
How are my passkeys securely stored in Microsoft Password Manager? The created passkeys are stored securely in the cloud in an encrypted format and are additionally protected by a Microsoft Password Manager PIN. For unlocking passkeys on a new device, you will have a maximum of 10 attempts to input the correct PIN. If you forget your Microsoft Password Manager PIN, you can reset it from a device that already has passkey access by navigating to Edge Settings > Passwords and autofill > Microsoft Password Manager > Settings. All the unlocking and reset attempts of Microsoft Password Manager PIN are logged and integrity protected in the immutable Azure confidential ledger for added transparency. Can I use passkeys created on Microsoft Password Manager on other apps? With the Microsoft Password Manager plugin on Windows, you can use your passkeys outside of Edge, such as in other browsers and applications on Windows. This capability is coming soon on Windows.

Frequently Asked Questions

What happens to my saved passwords?
Your saved passwords remain untouched. You can continue using them as usual. But whenever a site supports passkeys, you'll have the option to upgrade to a passkey for stronger security and faster logins.
Do I need to create new accounts to use passkeys?
No. For most existing accounts, you can simply add a passkey without changing anything else.
What if I switch devices?
Your passkeys are securely backed up and synced through your Microsoft account. When you sign in to a new device, your passkeys come with you. Note: This requires verifying yourself with the Microsoft Password Manager PIN on the new device. Passkey sync capability is available on Windows and will be expanded to other platforms soon.
Is syncing passkeys available on mobile or for work or school accounts (Microsoft Entra)?
No, this functionality is currently not available for mobile devices or for Microsoft Entra accounts.
Are passkeys safe if someone steals my device?
Yes, passkeys are designed to be secure even if your device is lost or stolen. Without your fingerprint, facial recoginition, or device PIN, no one can use them.
Can I still view or manage my saved passwords?
Absolutely. You can manage both your existing passwords and passkeys from your Microsoft Password Manager in Edge.
Where can I learn more?
You can learn more about Azure confidential ledger by visiting Azure confidential ledger documentation.
]]> https://blogs.windows.com/msedgedev/2025/11/03/microsoft-edge-introduces-passkey-saving-and-syncing-with-microsoft-password-manager/feed/ 0 Introducing secure password deployment in Microsoft Edge for Business https://blogs.windows.com/msedgedev/2025/06/11/introducing-secure-password-deployment-in-microsoft-edge-for-business/ https://blogs.windows.com/msedgedev/2025/06/11/introducing-secure-password-deployment-in-microsoft-edge-for-business/#respond Wed, 11 Jun 2025 16:04:01 +0000 https://blogs.windows.com/msedgedev/?p=25826 In many organizations today, employees often resort to sharing passwords via sticky notes or emails. This not only exposes sensitive credentials to unintended recipients, but also increases the risk of those passwords being forwarded or misused. To a

The post Introducing secure password deployment in Microsoft Edge for Business appeared first on Microsoft Edge Blog.

]]> secure password deployment—now generally available—as an enterprise-grade solution that helps enhance security and simplify access at no additional cost.

What is secure password deployment?

Secure password deployment allows administrators to deploy encrypted shared passwords to a set of users within their organization. With this feature, users will receive the deployed passwords on their device and can seamlessly log into websites. This helps reduce the risk of unauthorized access by preventing end-users from copying or sharing passwords to unintended audiences, therefore enhancing the overall security posture of the organization.

How does it work?

The secure password deployment feature is integrated into the Microsoft Edge management service within the Microsoft 365 admin center. Here, administrators can easily configure and manage browser settings for their organizations through configuration policies. Within a policy, admins can choose to deploy encrypted passwords to a specific group of users. By extending the familiar Autofill experience, admins are given a streamlined and intuitive interface to add, update, and revoke credentials as needed. The Microsoft 365 admin center site, showing the Add credentials sidebar that's used to deploy credentials.

End-user experience

When a password is shared with an end-user, it appears in their Edge password manager, ready for autofill whenever they visit the corresponding site. An email sign-in input on a website. The Edge password manager autofill box is displayed, showing the deployed credentials. These passwords are accessible within Edge but cannot be viewed, edited, or deleted (unless a website allows it), or exported from the password manager. The admin-deployed passwords will automatically show up in the work profile in Edge, on managed Windows devices, ensuring a seamless and secure login experience. Note that motivated users may use developer tools to reveal the passwords; you may restrict access to developer tools by configuring the DeveloperToolsAvailability policy. The Wallet page in Microsoft Edge, showing the Passwords section. The pointer is hovering over a stored password and a tooltip indicates: Your organization has disabled the ability to view or copy this shared password.

Security and encryption

From the Edge management service

To ensure enterprise-grade security for credential deployment, the secure password deployment feature in the Microsoft Edge Management service integrates with the Microsoft Information Protection SDK (Protection SDK). This SDK enables identity-bound encryption, meaning that encrypted credentials can only be accessed by authenticated users within the organization. By leveraging the Protection SDK, passwords are encrypted using strong, standards-based algorithms and are persistently protected wherever they reside. The encryption is tightly coupled with Entra identities, ensuring that access is automatically enforced based on organizational policies—without requiring manual key management or additional infrastructure. This integration brings the power of Microsoft’s data protection platform directly into the Edge Management experience, giving administrators a seamless way to deploy credentials securely while aligning with Zero Trust principles and compliance requirements.

From Edge for Business

Edge for Business also integrates the Microsoft Information Protection SDK to securely decrypt credentials at runtime. When a user accesses a site that requires a deployed password, the browser uses the SDK to validate the user’s identity and then decrypts the credential using the same identity-bound protection applied during encryption. This ensures that credentials are only accessible to authorized users, even on the endpoint. The decryption process is seamless and unobtrusive to the user, maintaining a familiar Autofill experience while enforcing strict access controls behind the scenes. Because the encryption is tied to Entra ID identities, the credentials remain protected even if copied or moved outside the browser context. By embedding the Protection SDK directly into Edge for Business, we extend Microsoft’s data protection capabilities all the way to the endpoint—ensuring that sensitive information is safeguarded from configuration to consumption.

Get started with secure password deployment

To start using secure password deployment, first navigate to the Edge management service in the Microsoft 365 admin center. From there, choose an existing configuration policy or create a new configuration policy. Once inside the policy, navigate to the Customization Settings tab and then to the Secure password deployment page. This feature is available for Microsoft 365 Business Premium, E3, and E5 subscriptions, and requires the Edge admin or Global admin role. Edge for Business continues to innovate, providing robust security features to meet the evolving needs of modern organizations. Embrace secure password deployment today and take a step towards a safer digital environment.]]> https://blogs.windows.com/msedgedev/2025/06/11/introducing-secure-password-deployment-in-microsoft-edge-for-business/feed/ 0