In a strategic effort to combat the growing prevalence of cyber threats, Microsoft announced that all newly created Microsoft accounts will now be created with passwordless authentication as the default setting. This move aims to mitigate vulnerabilities associated with traditional password systems, including phishing, brute-force attacks, and credential-based breaches that have historically posed significant security risks to users.
Advertisеment
This change relies on an earlier update introduced in March, in which Microsoft improved the sign-in and registration experience across mobile and web apps. The update simplified the account authorization process by offering passwordless authentication methods.
For new users
For individuals creating new Microsoft accounts, the process will no longer require generating a password. Instead, users will have access to several secure passwordless authentication options, including:
- Passkeys: An advanced alternative to passwords that uses biometrics like fingerprints or facial recognition to verify identity.
- One-time codes: Temporary codes sent via email or SMS to provide secure, convenient access.
- Microsoft Authenticator app: A tool that allows users to authenticate logins with a simple tap or with biometric verification.
For existing users
Existing users are not excluded from this transition. They can go to their account settings to remove their passwords and use these advanced authentication methods.
What's good about Passwordless Authentication
Traditional passwords are continually identified as a critical vulnerability in cybersecurity. Their susceptibility to reuse, guessing, and theft through phishing schemes makes them increasingly inadequate for protecting user accounts. By eliminating the reliance on passwords, Microsoft is going for a more secure and user-centric approach to digital authentication. In particular, passwords stand out as the preferred authentication method due to their robust security architecture and reliance on biometric data, which is inherently unique to each individual.
Alignment with Global Standards
Microsoft’s initiative aligns with its active participation in the FIDO (Fast Identity Online) Alliance, an industry consortium that has been promoting password technology as a global standard for secure authentication for over a decade. Passwords are already used by billions of accounts worldwide, underscoring their viability and widespread adoption.
Passwordless Future
While this shift represents a significant advancement in digital security, Microsoft acknowledges that further efforts are needed to encourage existing users to adopt passwords and other passwordless authentication methods. However, by making passwordless authentication the default for new accounts, the company is laying the groundwork for broader adoption and a more secure online environment.
Thanks to thecommunity for the tip.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
