Microsoft Decides to Go Passwordless
Table of Contents
- By Dawna M. Roberts
- Published: Oct 15, 2021
- Last Updated: Mar 18, 2022
Microsoft has decided to do away with pesky passwords for logging into its platform. Instead, users will have four more secure alternatives to access their accounts and services.
Microsoft is Setting the Pace
Starting today, September 15, 2021, Microsoft has replaced passwords with four alternate, more secure methods of logging in. Security experts have been complaining about the use of passwords for a long time. They are a point of contention that Microsoft has finally decided to address. Most passwords are vulnerable to hacking, and many are stolen in data breaches and leaked on dark forum websites.
The four new options to log on with Microsoft are:
- The Microsoft Authenticator app.
- Windows Hello.
- A physical security key.
- A two-factor authentication key that is sent to you via email or SMS text message.
How to Login Now with Microsoft
According to PCMagazine, “If you’d like to remove your Microsoft account password, install the Microsoft Authenticator app on your Android or iOS device. After that, visit account.microsoft.com and sign in as you normally would, then navigate to Advanced Security Options and access the “Additional Security” section. There, you’ll see a “Passwordless Account” option, which you can turn on. The on-screen prompts will then guide you through the process of removing the account password with the help of the Authenticator app.”
What are the Alternatives to Passwords?
Cybersecurity experts have been ringing the bell for years that it’s time for passwords to go. The biggest problem is security. Passwords are difficult for users to remember, they can be hacked easily, and they can be challenging to manage across multiple platforms/websites.
However, change is not always fast or easy. The most suggested alternatives to passwords are:
Email Authentication - Everyone has an email account. As long as the user has complete control over it, sending a code via email that only the user can access is more secure than a password.
Biometric Authentication - Many tech companies are moving toward facial recognition, fingerprinting, and other types of biometric authentication, which is very secure because it restricts access to only the intended user.
Single Sign-On - Google has been offering a way for users to sign into other apps and services using their Google login for years. Other companies like social media and even Apple are now offering the same service providing another layer of security between you and your accounts.
Who Will Be Next?
Password-based authentication is traditional but has become much less effective. Cybercriminals target passwords as their entry point into networked systems using brute force attacks or phishing campaigns. In addition, many people reuse passwords on multiple accounts, so if passwords are found in data breaches, hackers can access other accounts by the same owner. The bottom line is passwords don’t work anymore.
Many companies have been swiftly moving towards biometrics (faceID and fingerprint ID) as well as other multi-factor authentication systems and away from inefficient password-authentication. The question is, after Microsoft paves the way, who will be next?
