A Passwordless Era is Here

On September 15, Microsoft announced on their blog post1that they are going passwordless. It means that users will no longer have to enter their passwords to access their Microsoft account.  For a lot of us, this is a great relief and something worth celebrating.

Password frustration is real. Many people are fed up with changing passwords constantly, remembering multiple passwords, and typing long, complex passwords. In fact, “password rage” is now a term that people use.

Passwordless access will not only ease users’ frustrations but will also increase security. According to Verizon’s Data Breach Investigation Report2, 80% of breaches within hacking involve the use of lost or stolen credentials. With regards to security costs and the importance of protecting sensitive data, user IDs and passwords are not sufficient to prevent breaches.

How does Passwordless Authentication Work?

Passwordless authentication is a method that confirms a person’s identity without using a password.  Identity is verified using different factors, including hardware tokens, biometric identification, such as the use of fingerprints, faces, retinal scans, or a unique set of codes generated by a phone application.

Microsoft allows you to choose from various authentication methods. A code can be sent via email, SMS, Windows Hello, or one of the most common methods is through the Microsoft Authenticator app. You must log on to your Microsoft account to set it up and download the application on your phone.

Passwords are one of the most common ways hackers gain access to sensitive data. By eliminating the use of passwords through passwordless authentication, security risks associated with credentials should be reduced.

1https://www.microsoft.com/security/blog/2021/09/15/the-passwordless-future-is-here-for-your-microsoft-account/

2https://www.verizon.com/business/resources/reports/dbir/