Bermuda Post

Sunday, Mar 26, 2023

Microsoft's passwordless plans lets users switch to app-based login

Microsoft's passwordless plans lets users switch to app-based login

Microsoft has announced users can now delete all passwords from their accounts and instead login using an authenticator app or other solution.

The technology giant made passwordless accounts available for business users of its products in March.

And that system is now being made available to all Microsoft or Windows users.

It said "nearly 100% of our employees" were already using the new, more secure system for their corporate accounts.


If passwordless login is enabled, users re-logging in to a Microsoft account will be asked to give their fingerprint, or other secure unlock, on their mobile phone.

And this is far more secure than using passwords, which can be guessed or stolen, according to Microsoft.

"Only you can provide fingerprint authentication or provide the right response on your mobile at the right time," it said.

Windows users will still be able to use quick-login features such as a Pin code, though.

Some rare exceptions will still need passwords, such as Office 2010, Xbox 360 consoles, and Windows 8.1 or earlier machines.

And if access to the authenticator app is lost - for example, if the phone it is installed on is lost or stolen or a user forgets when upgrading - backup options can be used, including:

*  Windows Hello facial recognition, which requires a compatible laptop or special camera
*  a physical security key, which must be used on the device logging in
*  Short Message Service (SMS) or email codes

But SMS and email are two of the most common channels for cyber-criminals targeting specific individuals

And Microsoft says security-conscious users who have two-factor authentication set up will need to have access to two different recovery methods.

Microsoft's messaging tells customers no passwords are more secure

Prof Alan Woodward, part of a research team investigating passwordless authentication, at the University of Surrey, called it "quite a bold step from Microsoft".

"This isn't just logging into PCs, it's logging into online services as well" - including important ones such as cloud storage, he said.

Microsoft laid out its reasons for the new system in a series of blog posts.

Security vice-president Vasu Jakkal wrote: "Passwords are incredibly inconvenient to create, remember, and manage across all the accounts in our lives.

"We are expected to create complex and unique passwords, remember them, and change them frequently - but nobody likes doing that."

The separate authenticator app - not pictured in this stock photo - is claimed to be more secure than a password

Instead, people tended to create insecure passwords that technically cleared the bar for using symbols, numbers or case sensitivity - but in order to remember them, used a repeated formula or the same password on multiple websites.

And that led to hackers guessing them or revealing them in a data breach and reusing them.

"Hackers don't break in, they log in," the blog post read.

'Pummelled home'


The new passwordless feature greets users with a box saying: "A passwordless account reduces the risk of phishing and password attacks."

And once the feature is set up, a confirmation tells users: "You have increased the security of your account and improved your sign-in experience by removing your password".

Microsoft's claims about poor password use were largely true, Prof Woodward said.

"The message has been pummelled home about what good password hygiene looks like - but it's easier said than done," he said.

Passwords were a decades-old concept "and maybe the time is now right to start looking for something different".

But there were no currently agreed standards.

"There are a number of different ways this could be done - and it would be good if everybody moved on, really, and tried to find a way of doing this," Prof Woodward said.

Newsletter

Related Articles

Bermuda Post
Close
0:00
0:00
In a dramatic U-turn against His Government: Judicial Overhaul Legislation Must Be Halted, Says Israeli Defense Minister Yoav Gallant
Powell: Silicon Valley Bank was an 'outlier'
Donald Trump arrested – Twitter goes wild with doctored pictures
NYPD is setting up barricades outside Manhattan Criminal Court ahead of Trump arrest.
Credit Suisse's Scandalous History Resulted in an Obvious Collapse - It's time for regulators who fail to do their job to be held accountable and serve as an example by being behind bars.
Home Secretary Suella Braverman tours potential migrant housing in Rwanda as asylum deal remains mired in legal challenges
Paris Rioting vs Macron anti democratic law
'Sexual Fantasy' Assignment At US School Outrages Parents
Credit Suisse to borrow $54 billion from Swiss central bank
Russian Hackers Preparing New Cyber Assault Against Ukraine
Jeremy Hunt insists his Budget will get young parents and over-50s back into work
If this was in Tehran, Moscow or Hong Kong
Nashville police officer, and a female driver shooting one another
TRUMP: "Standing before you today, I am the only candidate who can make this promise: I will prevent World War III."
Mexican President Claims Mexico is Safer than the U.S.
A brief banking situation report
Lady bites police officer and gets instantly reaction
We are witnessing widespread bank fails and the president just gave a 5 min speech then walked off camera.
Donald Trump's asked by Tucker Carlson question on if the U.S. should support regime change in Russia?.
'No relation to the American SVB': India's SVC Bank acts to calm depositors amid brand name confusion.
Good news: The U.S. government is now guaranteeing all deposits, held by, Silicon Valley Bank, and the funds are available as of today
Silicon Valley Bank exec was Lehman Brothers CFO
In a potential last-ditch effort, HSBC is considering a rescue deal to save Silicon Valley Bank UK from insolvency
BBC Director General, Tim Davie, has apologized, but not resigned, yet, following the disruption of sports programmes over the weekend
Elon Musk Is Planning To Build A Town In Texas For His Employees
The Silicon Valley Bank’s collapse effect is spreading around the world, affecting startup companies across the globe
City officials in Berlin announced on Thursday that all swimmers at public pools will soon be allowed to swim topless
Fitness scam
Market Chaos as USDC Loses Peg to USD after $3.3 Billion Reserves Held by Silicon Valley Bank Closed.
A primitive judge in Australia sparked outrage when he told a breastfeeding woman to leave his courtroom for being “a distraction"
Barcelona is feeling the heat as they face corruption charges over payments to former vice-president of Spain's referees' committee, Jose Maria Enriquez Negreira
Senator Tom Cotton: If the Mexican Government Won’t Stop Cartels from Killing Americans, Then U.S. Government Should
Banking regulators close SVB, the largest bank failure since the financial crisis
The unelected UK Prime Minister Rishi Sunak, an immigrant himself, defends new controversial crackdown on illegal migration
Old clip of Bill Gates saying Ukraine is a big, fat, corrupt sinkhole is going viral
Man’s penis amputated by mistake after he’s wrongly diagnosed with a tumour
In a major snub to Downing Street's Silicon Valley dreams, UK chip giant Arm has dealt a serious blow to the government's economic strategy by opting for a US listing
How do stolen goods end up on Amazon, eBay and Facebook Marketplace?
It's the question on everyone's lips: could a four-day workweek be the future of employment?
Is Gold the Ultimate Safe Haven Asset in Times of Uncertainty?
Spain officials quit over trains that were too wide for tunnels...
Don Lemon, a CNN anchor, has provided a list of five areas that he believes the black community needs to address.
Hello. Here is our news digest from London.
Corruption and Influence Buying Uncovered in International Mainstream Media: Investigation Reveals Growing Disinformation Mercenaries
Givenchy Store in New York Robbed of $50,000 in Merchandise
European MP Clare Daly condemns US attack on Nord Stream
Former U.S. President Carter will spend his remaining time at home and receive hospice care instead of medication
Tucker Carlson called Trump a 'demonic force'
US Joins 15 NATO Nations in Largest Space Data Collection Initiative in History
White House: No ETs over the United States
×