Advertisement

Microsoft: New Microsoft Accounts will be created without passwords

In a strategic effort to combat the growing prevalence of cyber threats, Microsoft announced that all newly created Microsoft accounts will now be created with passwordless authentication as the default setting. This move aims to mitigate vulnerabilities associated with traditional password systems, including phishing, brute-force attacks, and credential-based breaches that have historically posed significant security risks to users.

Advertisеment

Windows Hello Passkey Sign In CredUIRejuv
Image credits: Microsoft

This change relies on an earlier update introduced in March, in which Microsoft improved the sign-in and registration experience across mobile and web apps. The update simplified the account authorization process by offering passwordless authentication methods.

For new users

For individuals creating new Microsoft accounts, the process will no longer require generating a password. Instead, users will have access to several secure passwordless authentication options, including:

  • Passkeys: An advanced alternative to passwords that uses biometrics like fingerprints or facial recognition to verify identity.
  • One-time codes: Temporary codes sent via email or SMS to provide secure, convenient access.
  • Microsoft Authenticator app: A tool that allows users to authenticate logins with a simple tap or with biometric verification.

For existing users

Existing users are not excluded from this transition. They can go to their account settings to remove their passwords and use these advanced authentication methods.

What's good about Passwordless Authentication

Traditional passwords are continually identified as a critical vulnerability in cybersecurity. Their susceptibility to reuse, guessing, and theft through phishing schemes makes them increasingly inadequate for protecting user accounts. By eliminating the reliance on passwords, Microsoft is going for a more secure and user-centric approach to digital authentication. In particular, passwords stand out as the preferred authentication method due to their robust security architecture and reliance on biometric data, which is inherently unique to each individual.

Alignment with Global Standards

Microsoft’s initiative aligns with its active participation in the FIDO (Fast Identity Online) Alliance, an industry consortium that has been promoting password technology as a global standard for secure authentication for over a decade. Passwords are already used by billions of accounts worldwide, underscoring their viability and widespread adoption.

Passwordless Future

While this shift represents a significant advancement in digital security, Microsoft acknowledges that further efforts are needed to encourage existing users to adopt passwords and other passwordless authentication methods. However, by making passwordless authentication the default for new accounts, the company is laying the groundwork for broader adoption and a more secure online environment.

Thanks to thecommunity for the tip.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!

Author: Sergey Tkachenko

Sergey Tkachenko is a software developer who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

Leave a Reply

Your email address will not be published.

css.php
Using Telegram? Subscribe to the blog channel!
Hello. Add your message here.