[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fN8-vGCQSbbTWh6n4ded6wQoxQx-ZPmiLa8GTtWJ4d4o":3},{"lesson":4},{"id":5,"slug":6,"article_id":7,"title":8,"body":9,"prevention":10,"framework_refs":11,"status":17,"created_at":18,"published_at":19,"article":20,"tags":23},"4b481a4a-6ec7-4104-9026-2f9432b1c446","microsoft-entra-passkeys-strengthen-phishing-resistant-authentication","beac35bb-8381-4935-a95c-598094ed20bc","Microsoft Entra Passkeys Strengthen Phishing-Resistant Authentication","Microsoft's rollout of passkey support for Entra-protected resources represents a significant advancement in passwordless authentication technology. Passkeys use cryptographic methods bound to specific devices and never transmit credentials over networks, eliminating common attack vectors like credential theft and phishing. Organizations should prepare for this transition as it offers superior security compared to traditional password-based authentication methods. The technology leverages existing Windows Hello biometric and PIN capabilities, making adoption more seamless for users already familiar with these authentication methods.","**Implementation preparation:**\n- Audit current authentication methods and identify systems ready for passkey integration\n- Develop a phased rollout plan for transitioning from passwords to passkey authentication\n- Test passkey functionality with pilot user groups before organization-wide deployment\n\n**Security enhancement:**\n- Configure multi-factor authentication as a backup during the transition period\n- Establish device management policies for corporate, personal, and shared devices using passkeys\n- Train IT support staff on passkey troubleshooting and recovery procedures\n\n**Long-term strategy:**\n- Integrate passkey authentication into identity governance frameworks\n- Monitor authentication logs for successful passkey adoption rates and security incidents\n- Plan for legacy system compatibility and gradual password elimination across the organization",[12,13,14,15,16],"CIS Control 6","NIST SP 800-63B","NIST AC-2","NIST IA-2","ISO 27001 A.9.4.2","published","2026-04-25T07:09:25.329171+00:00","2026-04-25T07:09:25.169+00:00",{"id":7,"url":21,"title":22},"https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fmicrosoft\u002Fmicrosoft-to-roll-out-entra-passkeys-on-windows-in-late-april\u002F","Microsoft to roll out Entra passkeys on Windows in late April",[24,30],{"id":25,"name":26,"slug":27,"description":28,"color":29},"1ec88fde-2d0f-4ed8-932a-33f5ccc0fdc7","Access Control","access-control","Excessive privileges, missing MFA, weak auth","#f97316",{"id":31,"name":32,"slug":33,"description":34,"color":35},"7261eb8f-acd4-4d93-a489-7fdd652ec0ea","Security Awareness","security-awareness","Phishing, social engineering, human error","#22c55e"]