Microsoft Makes Password Optional

John Lister's picture

Microsoft has removed the need for passwords to log in to a Microsoft account. Users can choose from four other options including a dedicated app.

A Microsoft account can cover a range of devices and activities including Outlook, Microsoft 365 (the online version of what used to be called Office), settings and bookmarks in the Edge browser, Skype calls, online storage in OneDrive and purchases and downloads from the Microsoft Store.

It's also the default way to log in to Windows itself for many users, though some setups let users opt for a four-digit PIN code instead.

Passwords Bring Dilemma

Until now, a password has been the default way to sign into a Microsoft account. However, Microsoft has already ditched that requirement for business users and is now extending it to consumers.

It says passwords are a poor option, partly because they are easy for hackers to crack and partly because users face a trade-off between security and convenience. A password that's easy to remember is often most likely to be breached, but a password that's hard to remember can be impractical.

Users can now ditch passwords, though they'll need an Android or iOS phone or tablet and install the Microsoft Authenticator app. They can then sign in to their Microsoft account (on a computer or portable device), select Advanced Security Options and then Additional Security Options and then click or tap "Turn on" underneath the option for Passwordless account. (Source: microsoft.com)

App Replaces Password

Once that's done, the Authenticator app becomes the main way to login to a site on any device. Instead of typing in a password, the user can select the option to login with a code generated by the app. To prevent abuse by somebody who has stolen a phone or tablet, the user will need to be logged in to the device using a PIN, fingerprint or facial recognition.

If users want to go passwordless but either can't or don't want to use their mobile device, they'll also be able to log in to the Microsoft account using Windows Hello (a facial recognition system for desktop computers with a camera), get a one-time authentication code sent by text message or email, or use a special USB stick that acts like a physical key. (Source: bbc.co.uk)

What's Your Opinion?

Do you find passwords frustrating? Do you trust other forms of login? Does the Microsoft system sound workable or too much hassle?

Rate this article: 
Average: 5 (5 votes)

Comments

Navy vet's picture

Too much hassle. Windows is making too many changes just for the sake of change. If fact, I tried Windows 11 and the taskbar was a deal breaker for me.

topgum's picture

now I'll need a phone to log into my PC. STUPID, STUPID

Greg1956's picture

Obviously they have never heard of the adage

"If it ain't broke, don't fix it."

No, stick to passwords, it already a pain when I use Outlook on my home or any other non-main PC and I have to do multiple authentications.

Give me a break, I actually want to do some work.

Greg

bigton's picture

I tend to use a pin to log on to my computer. The number is random, I got it by counting the number of barks our wee dog made as a large Alsatian passed passed the end of our front garden. A pause meant starting the next number. So I have a completely random number that has nothing to do with dates, addresses or anything else. The only person who knows my pin is my wife as she uses my computer as well.
Our password is relevant to us, but we decided to use keys above, below and to the side of the keys for the password to make it random. I admit this made it difficult at first, but after a while, it became automatic to just type in the jumble of keys that represented the password.
Of course, that won't help if someone gets a keylogger or other virus or trojan on the computer, but I keep everything on a backup drive which is only connected a couple of times a week. Its not that we have anything of any real importance anymore, but we want the satisfaction of being able to just wipe the drive and start with what we have if the computer does get infected.