{
    "success": true,
    "data": {
        "id": 1754573,
        "msgid": "passwords-abandoned-many-move-to-their-replacements-1779542723",
        "date": "2026-05-21 14:20:00",
        "title": "Passwords Abandoned, Many Move to Their Replacements",
        "author": "",
        "source": "CNBC",
        "tags": "",
        "topic": "Technology",
        "summary": "Microsoft is phasing out SMS-based authentication and promoting passwordless logins via passkeys, aiming for a more secure and user-friendly experience. The move follows Google's earlier adoption of passkeys; however, researchers warn of potential vulnerabilities in biometric\/passkey workflows, citing a SquareX 2025 study. The exact timeline for the phased removal has not been disclosed.",
        "content": "<p>Passwords Have Been Abandoned, and Many Are Moving to Their\nReplacements<\/p>\n<p>Jakarta, CNBC Indonesia - Microsoft is moving away from the\ntraditional method of using passwords to access accounts. The company\nannounced it will no longer conduct authentication via SMS and will soon\nretire that feature.<\/p>\n<p>Microsoft explained that the removal of the feature is because\nSMS-based authentication is often a source of fraud, citing Tech Radar,\nThursday 21 May 2026.<\/p>\n<p>There was no timetable given for when the phased removal would be\ncompleted. However, Microsoft emphasised that there will be passwordless\nauthentication that is secure and user-friendly. Previously, Google had\nalso introduced passkeys that do not require passwords to access\naccounts.<\/p>\n<p>\u201cMoving to passwordless accounts, passkeys, and verified email, we\nhelp you stay one step ahead of evolving threats while making access to\naccounts simpler and smoother,\u201d Microsoft said in the announcement.<\/p>\n<p>Typing something, as with password or OTP, is prone to be forgotten\nor stolen. Passkeys work differently from that method, using\ncryptographic keys stored on the device and the service.<\/p>\n<p>The device will prove it has the correct key when the user signs in.\nThis is done via fingerprint, facial recognition, or a PIN.<\/p>\n<p>Passkeys are considered more secure because the secret key never\nleaves the device. They are believed to be free from phishing or data\nleaks.<\/p>\n<p>Many regard passkeys as the superior solution to replace passwords.\nYet not everyone agrees with that view.<\/p>\n<p>A 2025 SquareX study found a vulnerability in the system. When there\nis a biometric prompt, the system treats it as a security signal.<\/p>\n<p>\u201cUnknown is that attackers can easily forge passkey registration and\nauthentication by intercepting the passkey workflow in the browser,\u201d\nsaid SquareX researcher Shourya Pratap Singh.<\/p>\n<p>\u201cNearly all enterprise and consumer applications, including banking\napps and other important data storage, are at risk,\u201d he added.<\/p>",
        "url": "https:\/\/jawawa.id\/newsitem\/passwords-abandoned-many-move-to-their-replacements-1779542723",
        "image": ""
    },
    "sponsor": "Okusi Associates",
    "sponsor_url": "https:\/\/okusiassociates.com"
}