Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party passkey managers, the first ones supported being 1Password and Bitwarden.
This is possible after the Windows security team worked together with third-party managers to improve passwordless authentication by developing a passkey API for Windows 11.
The new feature has been introduced with the November 2025 security update for Windows 11, released yesterday.
Passkeys are a secure authentication mechanism that follows the FIDO2/WebAuthn standards, utilizing private-public key cryptography for local challenge signing and server-side verification, rather than passwords.
When users register on a passkey-enabled site or app, Windows generates a key pair, with the private key securely stored on Microsoft Password Manager, 1Password, or Bitwarden.
Bitwarden login with passkey Windows integration
Source: Microsoft
From then on, when attempting to log in on that site or app, a challenge is served to Windows, and the user is requested to verify themselves using Windows Hello, which is protected by PIN and biometrics authentication.
The system is considered superior to passwords due to its portability, higher convenience for users, and immunity to phishing attacks.
Microsoft has been pushing the adoption of passkeys on Windows, and the addition of third-party app support via the new API adds more flexibility for users.
... continue reading