Windows 11 and Password Managers Expand Passkey Support
Microsoft has introduced a new Windows API that allows third-party applications, such as 1Password, to manage passkeys directly within Windows 11. This integration enables users to create, sync, and manage passkeys using their preferred password manager, leveraging Windows Hello for authentication. The update aims to simplify the user experience by allowing password managers to take over credential management from Windows, making it easier for users to adopt passkeys for secure authentication across devices and services.
The shift towards passkey authentication is part of a broader industry move to replace traditional passwords with more secure, phishing-resistant credentials. Passkeys utilize cryptographic methods and can be managed by platform, virtual, or roaming authenticators, with password managers increasingly supporting software-only (virtual) authenticators. This approach addresses longstanding security issues associated with passwords, such as susceptibility to phishing and poor user password hygiene, and is expected to become the standard for online authentication as more services adopt passkey support.

Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
ZDNet reports Windows 11 adds a more convenient way to store passkeys
ZDNet published a follow-up article stating that Windows 11 users had received a more convenient method for storing passkeys, describing how the feature works.
ZDNet reports on software-only passkey authentication approach
ZDNet published an article explaining that users already rely on a software-only approach to passkey authentication and why that matters for passkey use and security.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.


