Tech Matters: How to go passwordless with Microsoft Windows
Microsoft sees a future without passwords and has recently extended a passwordless sign-in option from enterprise users to Windows 10 Home edition users. The no-password-needed feature will also be built into the next version of Windows, which will be released later this year. Why opt for an alternative to passwords? In a word, security.
Weak passwords are the entry point for the majority of attacks across both enterprise and consumer accounts, Microsoft’s corporate vice president of security, compliance and identity wrote in a blog post earlier this month. “Hackers don’t break in, they log in” is a favorite saying in his department.
You’ve no doubt struggled with creating and remembering ever more complex passwords, one for each account you use. You may need to use multiple symbols, numbers, upper and lowercase letters and you can’t reuse a previous password for an account. My assistant said that he has so many variations on his original password that it is impossible to remember which version unlocks which account. And even the most secure password can still be compromised if it’s snatched in a data breach, an occurrence that is all too frequent and completely out of the account holder’s control.
In a passwordless authentication system, attackers simply can’t use passwords to login because they don’t exist in any form, including initial sign-in or as a retrieval method stored by the site or service owner. Passwordless authentication verifies a user’s identity using something they have (such as a mobile device) or something they are (such as a biometric). Every time a user requests access, a new authenticating message is generated. That means there are no credentials within the passwordless platform so there is nothing for an attacker to steal. Without a password, you cannot be tricked into revealing your credentials to an unauthorized source. You can say goodbye to phishing attacks and other common methods cybercriminals use to gain access to your sensitive data.
There are two steps to going passwordless with Microsoft: you have to opt-in to the passwordless feature on your computer and set up Microsoft’s Authenticator app on your phone or tablet. You can use the passwordless login with a number of Microsoft products including Windows 10, the soon-to-be-released Windows 11, Xbox Series X/S or Xbox One, Microsoft Office 365 apps, Microsoft Outlook, The Microsoft Store and your Microsoft account website. Older programs such as Office 2010 or earlier, Office for Mac 2011 or earlier, Remote Desktop, older versions of Windows and Xbox 360 do not support passwordless logins. You can count on future versions of Microsoft products to support passwordless login.
To make the leap to a safer online environment, here’s how to enable passwordless logins for your Microsoft accounts. Log in to the Microsoft account page (https://account.microsoft.com/account). Click on Security at the top of the page. Select “Get started” on the Advanced security options card. Scroll down a bit and click the link “Turn on” under Passwordless account. You will now be prompted to download and set up the Microsoft Authenticator app on your phone. Choose an account to add in the Authenticator. Log in with your password (for the last time!) and then approve the request on your phone. You will also receive a recovery code in case you lose access to your device in the future. Make sure you follow the instructions to take a photo of it and then save that photo in multiple places.
If you are an IT manager, you may want to join Microsoft’s online event “Your Passwordless Future Starts Now” on Wednesday, Oct. 13, at 11 a.m. MT.
Leslie Meredith has been writing about and reviewing personal technology for the past nine years. She has designed and manages several international websites and now runs the marketing for a global events company. As a mom of four, value, usefulness and online safety take priority. Have a question? Email Leslie at firstname.lastname@example.org.