Front page layout
Sign up or login to join the discussions!
Andrew Cunningham –
Microsoft has been working to make passwordless sign-in for Windows and Microsoft accounts a reality for years now, and today those efforts come to fruition: The Verge reports that starting today, users can completely remove their passwords from their Microsoft accounts and opt to rely on Microsoft Authenticator or some other form of verification to sign in on new devices. Microsoft added passwordless login support for work and school accounts back in March, but this is the first time the feature has been offered for regular, old individual Microsoft accounts.
Passwordless accounts improve security by taking passwords out of the equation entirely, making it impossible to get any kind of access to your full account information without access to whatever you use to verify your identity for two-factor authentication. Even if you protect your Microsoft account with two-factor authentication, an attacker who knows your Microsoft account password could still try that password on other sites to see if you’ve reused it anywhere. And some forms of two-factor authentication, particularly SMS-based 2FA, have security problems of their own.
Microsoft has offered passwordless authentication for Windows 10 and Microsoft accounts for a while now, and if you’re already taking advantage of those features, nothing about how you sign in to your devices has to change. You just need to visit the Microsoft Account site, go to the Security tab, select “Advanced security options,” and turn on the passwordless account feature to remove your password entirely.
If you want to go fully passwordless, the easiest and most secure way for most people is to use the Microsoft Authenticator app on your phone; if you already have it installed, all you need to do to confirm the removal of your account’s password is open the app and approve the change. Other authenticator apps like Authy or Google Authenticator won’t work with the QR code format that Microsoft uses to enable passwordless accounts. You could also use a physical security token like a Yubikey or a PC with Windows Hello support to log in.
You must login or create an account to comment.
Join the Ars Orbital Transmission mailing list to get weekly updates delivered to your inbox.
WIRED Media Group
Your California Privacy Rights | Do Not Sell My Personal Information
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Condé Nast.
Front page layout