Microsoft now lets you remove passwords from Microsoft accounts to embrace a passwordless future. The software giant now allows consumers to sign into Microsoft accounts with its Microsoft Authenticator app, Windows Hello, a security key, or a text message / email verification code instead of a password.
Microsoft has been working toward a passwordless future for years, and the pandemic has only set things into motion. “When you have digital transformation and businesses having to go remote overnight … the number of digital surfaces has increased exponentially,” explains Jakkal, corporate vice president of Microsoft security, compliance & identity, in an interview. “The number of attack surfaces has increased exponentially, so that was a big driving factor for us in accelerating a lot of our security initiatives.”
The IT giant has taken up arms against traditional password-based multi-factor authentication. This is because passwords are a prime target for cyberattacks and phishing, since weak or reused passwords can be guessed or brute-forced through automated attacks. God knows how many times I’ve gotten my accounts hacked into.
The benefits of passwordless authentication are simple. Most people create their own passwords, and it’s often a challenge to create something that’s secure and easy to remember without relying on a password manager. People often reuse their passwords, too, allowing attackers to quickly log into a variety of compromised accounts after a particular organization is targeted and passwords are dumped.
Beginning today, you can now completely remove the password from your Microsoft account. Use the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email to sign in to your favorite apps and services, such as Microsoft Outlook, Microsoft OneDrive, Microsoft Family Safety, and more.
I always keep running into this issue all the time. Don’t tell me you don’t. Forgetting a password can be painful too. I was shocked to learn that nearly a third of people say they completely stop using an account or service rather than dealing with a lost password.
Microsoft offers three authentication methods that let you dump your password instantly.
1. Microsoft Authenticator App
2. Windows Hello for Business
This method of passwordless sign-in is best for users who own dedicated Windows computers. It allows computer sign-in through Azure Active Directory with biometric recognition, such as face and fingerprints, or with a PIN that, for security purposes, isn't transmitted over the network. For more about this method and its prerequisites for deployment in Azure AD, you can read this detailed Microsoft article.
3. Security Key Sign-in With FIDO (Fast Identity Online) Security Keys
This method of passwordless login is for users who are tied to a shared machine, or who work with highly privileged identities and aren't allowed phones. FIDO security keys are USB devices inserted into a machine for biometric and PIN authentication. Here's how you can enable your security keys.
If you decide you prefer using a password, you can always add it back to your account. But I hope you'll give Microsoft passwordless authentication a try - I doubt you'll ever want to go back.
Last Updated 3 months ago