Microsoft recently added a passwordless sign-in option to Microsoft accounts for consumer-level Windows users, including anyone using Windows 10 Home edition and, soon, Windows 11 Home edition. Prior to this change, passwordless sign-ins were exclusive to enterprise-level Windows users, but all users will now be able to opt in from their Microsoft Account settings.
By enabling this option, users can use their Microsoft account without a password. Instead, you’ll log into your account—and a select handful of apps, services, and Windows features that require it—using an alternative authentication method, such as the Microsoft Authenticator app, Windows Hello, or text/email verification codes. Supported products include:
Your Windows 10 or 11 PC
Your Xbox Series X/S or Xbox One
Microsoft Office 365 apps
Microsoft Outlook
The Microsoft Store
Microsoft account website
And more.
So why would you want to do this? Well, aside from the convenience, it’s ostensibly safer. Removing your account’s password to increase its security may seem counterintuitive, but as Microsoft itself points out, passwords are an unreliable security method.
Companies and apps often store password data improperly, leading to its exposure in data breaches or leaks. But even if passwords are securely saved server-side, there are many ways a hacker can brute force passwords to break into someone’s account, such as credential-stuffing or password spraying. Anyone is vulnerable to these attacks, even those of us who use unique passwords protected with encrypted password managers.
Of course, no authentication method is perfect. Common alternatives like biometrics (fingerprint scans, face unlocks, etc.) and text-based verification have their own vulnerabilities, especially if you’re using them as your sole sign-in method. Still, these verification methods are more secure than passwords, especially if you use multi-factor logins.
How to enable passwordless logins for your Microsoft Accounts
Log into the Microsoft account page.
Go to Settings > Security.
Select “Additional Security options.”
Type in your password when prompted.
Go to the “Advanced security” page, then scroll down to “Additional security.” Click “Turn on” under the Passwordless account option. This will require the Microsoft Authenticator app for your smartphone.
Follow the on-screen instructions on your PC and on your mobile device to complete the setup.
We also recommend turning on “Two-step Verification” in the Additional Security menu after enabling Passwordless logins if you have not done so yet.
You’ll now log into your Microsoft Account without a password. Note that some older Microsoft products and Windows features will still require a password, such as:
However, Microsoft seems committed to a passwordless ecosystem, so future first-party products should support the feature.
Passwordless sign-ins will also work in tandem with the higher hardware-level security standards Microsoft is introducing with Windows 11, as well as other security features like OneDrive ransomware prevention. These security enhancements could help alleviate common cybersecurity vulnerabilities like weak user passwords or a lack of anti-malware or anti-ransomware protections.
[ZDNet]