I do not understand using something other than a password to sign in to Hotmail

I don't have any passkeys yet. I sign in to one of my Windows 11 computers with a PIN (my system 2, the HP Desktop). System 1, (the secondhand Surface from eBay) came set up with no sign in (just click that box) and I left it that way. When I need to be signed in to Windows to do something on that one I sign in to my email., using its password.

I am now getting prompted by Windows to sign in to hotmail with a PIN, although this is somehow a passkey. I do not understand this at all. From just reading about it, I think I understand that a passkey can be either a code that looks like a PIN or a face or a fingerprint, but in any case is tied to a specific device. I do not want my hotmail tied to a specific device. My system 2 has no camera or fingerprint reader. System 1 had a camera but no fingerprint reader.

I have a lot of history in my hotmail accounts and do not want to lose this trying to change my sign in method without understanding what I am doing.

I do not intend to carry around a yubikey or other device to sign in with.

BTW, if a passkey involves being on the internet I am done for, because our internet is often down. In that instance can still use the locally installed Microsoft Office.

Can someone just walk me through it?

please try
settings > accounts > >email and accounts

click on 'add account'
and add your hotmail account details there
you can do this on both systems, then see if all is well.

best of luck, Steve ..

Your Hotmail sign-in is also your Microsoft account sign-in. Using a PIN or passkey are just different ways to sign-in. Any of them will work, it is just up to you. You can sign-in to your Hotmail (Outlook) account from any Windows device, even one that you don't use or own (I do on my wife's PC on occasion, even though I didn't set up an account on it).
You can go passwordless on your Microsoft account, which entails using the Microsoft authenticator app on a smartphone. I set up a passkey for mine and stored it in my password manager. Same passkey works on my PC and laptop.
Sign in to your Microsoft account online and under Security, you will be able to set up to 10 different ways to sign in. A passkey would be just one of them.
For those times when your internet is down, signing to your account using Windows Hello with a PIN (which it sounds like you are doing on your HP desktop) will still work. On your Surface sign in using your email and password then go to Settings>Accounts>Sign-in Options>PIN (Windows Hello) and set a PIN on it.
Adding to the ways to sign in won't negate other methods unless you specifically do so.

I would like to add that you can still use the Outlook email app even if you use a local account on your computer.

I use a local Windows 11 account. However, I still use my Microsoft account for other things such as email.

In the Outlook app I have two email accounts

• Account #1: Shows email from my Outlook.com account. Login is my Microsoft account
• Account #2: Shows email from my Gmail.com account. Login is my Google account.

I can have both accounts active at one time so can alternate looking at the email from each one.

Tink009 said:

Your Hotmail sign-in is also your Microsoft account sign-in. Using a PIN or passkey are just different ways to sign-in. Any of them will work, it is just up to you. You can sign-in to your Hotmail (Outlook) account from any Windows device, even one that you don't use or own (I do on my wife's PC on occasion, even though I didn't set up an account on it).
You can go passwordless on your Microsoft account, which entails using the Microsoft authenticator app on a smartphone. I set up a passkey for mine and stored it in my password manager. Same passkey works on my PC and laptop.
Sign in to your Microsoft account online and under Security, you will be able to set up to 10 different ways to sign in. A passkey would be just one of them.
For those times when your internet is down, signing to your account using Windows Hello with a PIN (which it sounds like you are doing on your HP desktop) will still work. On your Surface sign in using your email and password then go to Settings>Accounts>Sign-in Options>PIN (Windows Hello) and set a PIN on it.
Adding to the ways to sign in won't negate other methods unless you specifically do so.

Click to expand...

I understand the first paragraph. After that I get confused. If I set up Hotmail to sign in with the PIN I use to sign in with my desktop, isn't the PIN tied to the desktop? I cannot, for example, sign in to my Windows 10 computer, to which I sign it with it's own PIN, and then sign in to Hotmail with the PIN that is tied to the desktop. That would mean that the PIN could be used to sign in to Hotmail on any computer, which means it is essentially a 4 character password.

If the whole objective is to get away from passwords, am I not as insecure as ever if I follow your advice and add multiple ways to sign in, leaving one of them as a password?

I have no intention of using an app on my smartphone as well as my computer to sign in to my email. That would involve many agents on my phone: Samsung, Google/Android, and Microsoft. Samsung is so involved with updating OneUI and inserting AI into its operations that often the phone doesn't perform basic functions (twice it has reset my side button from "turn off" to Bixby). At present I do use two-factor authentication for all sites involving money.

Now let's talk about passkeys.

I really get lost when advice turns to having passkeys inside password managers (which are to be accessed with a complex password? did I miss something more secure?), PINs stored in passkeys, etc.

O.K., so, as I understand it, Microsoft wants us to go to passkeys because they are more secure. If I tell MS to sign in to Hotmail with the PIN I use to sign in to, for example, my desktop:

1) does that mean that by signing in to my computer I am also signed in to my email accounts, Use as Administrator, and everything else?
2) then how do I sign in from my laptop (after giving it a PIN,) or some other computer?
3) if I do not then delete the former password as a sign in option. isn't that still out there in the wild to be hacked? And what do I use to sign in to say, my hotmail account while on neighbor's computer to show her an email?

I meant this to be a simple question about how to comply with Microsoft's instructions to use a passkey to sign in to hotmail, given that it has no camera or fingerprint reader. And to use whatever replaces the password to sign in to that hotmail account, on any device.

There is a lot going on with passkeys, but 90% of it isn't visible to the user. You very likely set one up without realizing it. That's ok if you have a username/password that will still work as a form of auth.

When a Windows device is a passkey a few things happen at a high level. An exchange happens between a service (hotmail and your device (the passkey) in which a key pair is created. The private key never leaves your computer and is stored in the TPM (aka your windows device), but the public key is shared with the service. When you attempt to auth with a passkey you are challenged by Windows with a moderm auth factor such as a pin, bio or face, this in turn unlocks access to the private key. A challenge is generated, encrypted with that private key and sent to the service. The service already knows what the decrypted challenge should be. It will decrypt that challenge with the public key and compare the challenge. If it matches you are authorized.