Microsoft accounts will go passwordless
Microsoft started to work on making passwordless sign-in for Microsoft and Windows accounts a couple of years ago. Today, this plan will come to a realization: The Verge reported that users could use Microsoft Authenticator or some other verification methods to sign in. They can eliminate their passwords from Microsoft accounts. At the beginning of this year, Microsoft enabled passwordless login possibilities for school and work accounts. However, this was the first time Microsoft decided to offer the feature for regular Microsoft accounts. So now, Microsoft offers passwordless authentication for Microsoft accounts and Windows 10.
Passwordless accounts have more security improvements, making accessing your account information impossible without accessing everything you apply to verify your identity for two-factor authentication. Microsoft said that even if someone protects his account with two-factor authentication, a hacker knowing his Microsoft password can still check that password in other accounts to see if this person uses the same password everywhere. It added that some other forms of 2FA, particularly SMS-based, have additional security problems.
There are some easiest and most secure ways to do so for people who want to go fully passwordless. Most people prioritize using the Microsoft Authenticator app that you can download and have on your phone. If you have already downloaded and installed it, you just need to confirm removing your password. You should first open the app and start approving the change. Other authenticator apps such as Google Authenticator or Authy can not work with the QR code format that Microsoft provides to allow passwordless accounts. Another way to log in is to use a PC with Windows support or a Yubikey (a physical security token).
Corporate vice president for security, compliance, and identity at Microsoft, Vasu Jakkal, said that there are 578 password attacks every second, which is about 19 billion annually. He explained that the reason is people’s poor choice of passwords.