Share this article on:
Microsoft has announced that its users can now completely remove the password from their accounts and securely sign-in with the Microsoft Authenticator app, Windows Hello, a security key, or verification codes instead.
Following the company's March 2021 move to enable general availability for its passowrdless solutions for commercial users, Microsoft brought the feature to enterprise organisations globally.
According to a blog post written by Vasu Jakkal, corporate vice president, security, compliance and identity at Microsoft, passwords are a prime target for attacks.
"There are a whopping 579 password attacks every second — that’s 18 billion every year," Jakkal said.
"A quick look at someone’s social media can give any hacker a head start on logging into their personal accounts.
"Once that password and email combination has been compromised, it’s often sold on the dark web for use in any number of attacks."
From this month, Microsoft continued its push towards a passwordless future for its users by enabling secure sign-in to apps and services such as Microsoft Outlook, Microsoft OneDrive, Microsoft Family Safety with its Microsoft Authenticator app, or Windows Hello, Microsoft's biometrics-based authentication app that is designed to use facial recognition sign-in.
"For years, passwords have been the most important layer of security for everything in our digital lives — from email to bank accounts, shopping carts to video games," Jakkal added.
"Hackers have a lot of tools and techniques, they can use automated password spraying to try many possibilities quickly, or, they can use phishing to trick you into putting your credentials into a fake website.
"These tactics are relatively unsophisticated and have been in play for decades, but they continue to work because passwords continue to be created by humans."
Microsoft designed a fleet of new features to improve the management and usability of these credentials, including authentication methods management, step-up authentication, and passwordless APIs by taking consumer feedback into account.
This milestone in Microsoft’s strategy is designed to enable organisations to rollout passwordless authentication across hybrid environments at scale. For users, Microsoft has designed a simple to use authentication experience that offers security and works across an increasingly broad set of devices and services.
[Related: BlackBerry certified end-to-end encryption to block high-risk eavesdropping]
Nastasha is a Journalist at Momentum Media, she reports extensively across veterans affairs, cyber security and geopolitics in the Indo-Pacific. She is a co-author of a book titled The Stories Women Journalists Tell, published by Penguin Random House. Previously, she was a Content Producer at Verizon Media, a Digital Producer for Yahoo! and Channel 7, a Digital Journalist at Sky News Australia, as well as a Website Manager and Digital Producer at SBS Australia. Nastasha started her career in media as a Video Producer and Digital News Presenter at News Corp Australia.