Microsoft said in November 2018 that it would phase out passwords for Microsoft account sign-ins on Edge in favour of biometric authentication, FIDO-2 compatible keys, and the Microsoft Authenticator app. A similar sign-in experience was later extended to Azure Active Directory school accounts as well as commercial customers. Microsoft is now increasing support for passwordless login to Microsoft accounts for apps and services including Outlook, OneDrive, and FamilySafety, starting today.
According to the findings of a YouGov survey commissioned by Microsoft, passwords make users easy targets, waste time, and create barriers to app adoption. According to the survey, 33% of respondents have completely stopped using a service or account rather than deal with a password reset. In addition, 28% of users write down their passwords, making them more exposed to hackers. Starting yesterday, Microsoft account holders can use the Authenticator app, Windows Hello, a security key, or a verification number sent to their phone or email to log into a range of Microsoft services. Passwordless sign-in for enterprise users was introduced in March, and Microsoft CVP of identity and management Vasu Jakkal said it will be rolled out internationally in the coming weeks.
He went on to say that they are required to develop difficult and unique passwords, remember them, and change them on a regular basis, but that no one enjoys doing so. That’s why, in a blog post, they’ve been arguing for the past couple of years that the future is passwordless. Weak passwords are the most common entry point for assaults on both business and personal accounts. Every second, 579 password attacks are launched, totaling 18 billion every year.
Users must first install the Authenticator software and link it to their own Microsoft accounts in order to allow passwordless login. Then they must go to account.microsoft.com, log in, and select the Passwordless Account option from the Advanced Security Options menu. They’ll be able to use passwordless login after following the on-screen steps and approving the Authenticator notification.
A passwordless account will function with all current Microsoft apps and services, as well as recent versions. According to a Microsoft spokesperson, some older versions of apps and services are not supported yet and still require a password. Xbox 360 or earlier, Office 2010 or earlier, Office for Mac 2011 or earlier, and some command line and task scheduler services are among the apps and services that aren’t supported yet and still require a password.
As the number of data breaches hits an all-time high, digital firms are increasingly adopting passwordless login solutions. Last year, Apple revealed that users would be able to check into websites on Safari using Face ID and Touch ID, and in June, the company unveiled Passkeys, a system that allows users to sign up for services without having to use passwords. Google, for its part, began automatically enrolling account holders in two-factor authentication this spring, after allowing Android users to authenticate their identities using a fingerprint or screen lock on compatible websites in August 2019.