Microsoft Decides to Go Passwordless

  • By Dawna M. Roberts
  • Published: Oct 15, 2021
  • Last Updated: Mar 18, 2022

 Microsoft has decided to do away with pesky passwords for logging into its platform. Instead, users will have four more secure alternatives to access their accounts and services.

Microsoft is Setting the Pace

Starting today, September 15, 2021, Microsoft has replaced passwords with four alternate, more secure methods of logging in. Security experts have been complaining about the use of passwords for a long time. They are a point of contention that Microsoft has finally decided to address. Most passwords are vulnerable to hacking, and many are stolen in data breaches and leaked on dark forum websites.

The four new options to log on with Microsoft are:

  • The Microsoft Authenticator app.
  • Windows Hello.
  • A physical security key.
  • A two-factor authentication key that is sent to you via email or SMS text message.
The change occurs on all consumer accounts within the Microsoft ecosystem, including OneDrive and Outlook. Additionally, the change comes within weeks of Microsoft rolling out its latest update - Windows 11.

However, some older apps such as Office 2010 or earlier, Remote Desktop and Xbox 360, and older unsupported versions of Windows will still require passwords. The new passwordless option will work on Windows 10 and Windows 11 exclusively. The tech giant is also rolling out this new feature for Azure AD accounts in the coming months. Admins will have control over who must still use passwords and will not. 

Microsoft said they are rolling out this new feature to all consumers during the next few weeks, so you may or may not be able to start logging on without your password today.
microsoft goes passwordless

How to Login Now with Microsoft

According to PCMagazine, “If you’d like to remove your Microsoft account password, install the Microsoft Authenticator app on your Android or iOS device. After that, visit account.microsoft.com and sign in as you normally would, then navigate to Advanced Security Options and access the “Additional Security” section. There, you’ll see a “Passwordless Account” option, which you can turn on. The on-screen prompts will then guide you through the process of removing the account password with the help of the Authenticator app.”

What are the Alternatives to Passwords?

Cybersecurity experts have been ringing the bell for years that it’s time for passwords to go. The biggest problem is security. Passwords are difficult for users to remember, they can be hacked easily, and they can be challenging to manage across multiple platforms/websites.

However, change is not always fast or easy. The most suggested alternatives to passwords are:

Email Authentication - Everyone has an email account. As long as the user has complete control over it, sending a code via email that only the user can access is more secure than a password.

Biometric Authentication - Many tech companies are moving toward facial recognition, fingerprinting, and other types of biometric authentication, which is very secure because it restricts access to only the intended user.

Single Sign-On - Google has been offering a way for users to sign into other apps and services using their Google login for years. Other companies like social media and even Apple are now offering the same service providing another layer of security between you and your accounts.

Who Will Be Next?

Password-based authentication is traditional but has become much less effective. Cybercriminals target passwords as their entry point into networked systems using brute force attacks or phishing campaigns. In addition, many people reuse passwords on multiple accounts, so if passwords are found in data breaches, hackers can access other accounts by the same owner. The bottom line is passwords don’t work anymore.

Many companies have been swiftly moving towards biometrics (faceID and fingerprint ID) as well as other multi-factor authentication systems and away from inefficient password-authentication. The question is, after Microsoft paves the way, who will be next?


About the Author
IDStrong Logo

Related Articles

46,000 Veterans and 13 Community Care Providers Affected by a VA Data Breach

The Incident Early last week, the Department of Veteran Affairs (VA) was breached by an unknown c ... Read More

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Latest Articles

What You Need to Know about the Coast Guard Data Breach

What You Need to Know about the Coast Guard Data Breach

The Coast Guard is the only branch of the United States military in the Department of Homeland Security. It enforces federal law, controls the nation's borders and maritime Approaches, and protects the United States ports and waterways.

Mars Hydro Security Flaw Puts IoT Users at Risk

Mars Hydro Security Flaw Puts IoT Users at Risk

Mars Hydro is a leading Chinese brand producing a wide range of Internet of Things (IoT) devices for indoor gardening and the hydroponics industry.

What You Need to Know about the Community Health Center Data Breach

What You Need to Know about the Community Health Center Data Breach

Community Health Center (CHC) is a non-profit founded in 1972 and headquartered in Middletown, Connecticut. It offers a broad range of services, including dentistry, primary care, urgent care, specialty medical services, and behavioral health.

What You Need to Know about the DeepSeek Data Breach

What You Need to Know about the DeepSeek Data Breach

DeepSeek, founded by Liang Wenfeng, is an AI development firm located in Hangzhou, China. The company focuses on developing open source Large Language Models (LLMs) and specializes in data analytics and machine learning.

What is vendor fraud and how to protect your business from vendor fraud

What is vendor fraud and how to protect your business from vendor fraud

Vendor fraud is a type of financial abuse that occurs when fraudsters pose as legitimate businesses to trick companies and individuals into paying for services they'll never receive.

What is Automated Clearing House (ACH) Fraud and How Does it Work?

What is Automated Clearing House (ACH) Fraud and How Does it Work?

Dashboard Http: Content.infopay. net Admin Idstrong Articles Create Create Article Title Slug Subdomain (Optional) Page Status Categories CreditData BreachesData PrivacyFeatured ArticlesIdentity TheftMultiple BreachesNewsPublic RecordsScamsSecurity TipsStatisticsVideos Tags Add a tag Published Date Author Editor Show author info box Show editor info box Content

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Notice

By proceeding with this scan, you agree to let IDStrong run a Free Scan of supplied parameters of your personal information and provide free preliminary findings in compliance with our Terms of Use and Privacy Notice. You consent to us using your provided information to complete the Free Scan and compare it against our records and breach databases or sources to provide your Free preliminary findings report.

Rest assured: IDStrong will not share your information with third parties or store your information beyond what is required to perform your scan and share your results.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address
Close