Technology

Microsoft accounts can develop into passwordless, making password123 a factor of the previous

microsoft-accounts-can-develop-into-passwordless-making-password123-a-factor-of-the-previous

Getty Images

Microsoft has worked for years to make passwordless sign-in for Windows and Microsoft accounts a reality, and today those efforts are bearing fruit: The Verge reports that starting today, users can completely remove their passwords from their Microsoft accounts and rely on Microsoft Authenticator or some other form of verification to sign in to new devices. Microsoft added support for passwordless sign-in for work and school accounts back in March, but this is the first time the feature has been offered for regular, legacy Microsoft individual accounts.

Passwordless accounts improve security by taking passwords completely out of the equation and making it impossible to access your full account information without accessing what you use to verify your identity for two-factor authentication. Even if you protect your Microsoft account with two-factor authentication, an attacker who knows your Microsoft account password could try that password on other websites to see if you’ve reused it somewhere. And some forms of two-factor authentication, particularly SMS-based 2FA, have security problems of their own.

advertising

The warning message you see when you enable the passwordless account feature.

The warning message you see when you enable the passwordless account feature.

Andrew Cunningham

Microsoft has been offering passwordless authentication for Windows 10 and Microsoft accounts for a while now, and if you’re already using these features, nothing needs to change in how you log into your devices. All you have to do is visit the Microsoft accounts website, go to the Security tab, select “Advanced Security Options” and enable the passwordless account feature to completely remove your password.

If you want to work completely passwordless, using the Microsoft Authenticator app on your phone is the easiest and most secure way for most users. If you’ve already installed it, all you need to do is open the app and approve the change to confirm removing your account’s password. Other authentication apps like Authy or Google Authenticator don’t work with the QR code format Microsoft uses to enable passwordless accounts. You can also sign in with a physical security token such as a Yubikey or a PC that supports Windows Hello.

0 Comments