Microsoft has been offering this service to businesses since March. He pointed out that the new, more secure system for company accounts is already used by almost all its employees.
–
If passwordless login is enabled, users who log in to their Microsoft account again will be asked to enter a fingerprint or other secure unlock method on their mobile phone. This is much more secure than a password that can be stolen or guessed, Microsoft said.
–
“Only you can provide fingerprint authentication or provide the correct answer on your mobile phone at the right time,” the company said.
–
If access to the authentication application is lost, for example, if the phone on which it is installed is lost or stolen, you can use the backup options. These include Windows Hello facial recognition, a physical security key, or an SMS or e-mail code sign-in.
–
University of Surrey professor Alan Woodward, who is a member of the research team on passwordless authentication, described Microsoft’s decision as a relatively bold move. He pointed out that it is not just about logging in to personal computers, but also Internet services, including important ones such as cloud storage.
–
Microsoft has explained the reasons for the new system in several blog posts. Vasu Jakkal, vice president of security, wrote that it was incredibly inconvenient to create, remember, and manage passwords across all accounts. “We are expected to create complex and unique passwords, remember them and change them often, but no one likes that,” he said. Instead, people tend to create unreliable passwords that they remember best, using a repeated pattern or the same password for several pages. This makes work easier for hackers.
–
Woodward said Microsoft’s allegations of misuse of passwords were largely true and maybe it was time for a change.
—
