Microsoft has long been clear about where they are headed: away from passwords and toward phishing resistant authentication. In March 2026, they are taking a major step forward. Passkeys are automatically being enabled in all Microsoft Entra ID tenants, whether you are ready for it or not. In this article, I look at: What passkeys actually are What Microsoft is really enabling The difference between a new tenant and an established tenant with history The different approved au

Microsoft 365 is growing at a pace where files, sites, permissions, and sharing can quickly take on a life of their own if you’re not paying attention. Over time, organizations often end up with hundreds—sometimes thousands—of SharePoint sites that have been used, are still in use, or where no one really knows who owns them anymore. And with a bit of Copilot added on top, this becomes even more critical: poor data quality leads to poor AI quality—it’s as simple as that. To r

Note that Agent ID is currently only available for frontier organizations (Secure agent access with Microsoft Entra | Microsoft Security). It is still somewhat unclear when it will reach GA. (Microsoft is, as usual, following the SOR framework… Sooner Or Later.. 🕑) Governance building blocks Conditional Access for Workload Identities , applying targeted CA policies directly to agent identities, for example with location/IP requirements, risk, and authentication context. Her