The passwordless future is here. Or, at least, that’s what Microsoft wants its users to think.
Beginning immediately, Microsoft account holders can now remove the passwords associated with their accounts entirely and sign in to apps and services via other methods such as the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to a phone or email account. Microsoft argues that these options are much safer and convenient than traditional passwords, which have become increasingly vulnerable due to reasons such as human nature.
[…] we try and make things easier for ourselves. We often rely on known and personal words and phrases. One of our recent surveys found that 15 percent of people use their pets’ names for password inspiration. Other common answers included family names and important dates like birthdays. We also found 1 in 10 people admitted reusing passwords across sites, and 40 percent say they’ve used a formula for their passwords, like Fall2021, which eventually becomes Winter2021 or Spring2022.
Unfortunately, while such passwords may be easier to remember, they are also easier for a hacker to guess. A quick look at someone’s social media can give any hacker a head start on logging into their personal accounts. Once that password and email combination has been compromised, it’s often sold on the dark web for use in any number of attacks.
Microsoft account holders can go passwordless today by installing the Microsoft Authenticator app and linking it to their personal Microsoft account. The passwordless account option can be found at account.microsoft.com under the Security section of the dashboard (Security Advanced Security Options Additional Security).