Tech News : No More Passwords For Microsoft Logins

Written by Pronetic

Pronetic is a leading provider of core IT support for ISO 27001, Cyber Essentials and Cyber Essentials Plus compliance.

September 22, 2021

In a bold step, Microsoft has announced that it is getting rid of all password logins, and that users will have to use an authenticator app or other solution instead.

Vision

Back in 2019, Microsoft announced that 100 million people were already using Microsoft’s passwordless sign-in (Ignite) each month, and in December 2020, Microsoft announced that 2020 had been “a banner year for passwordless technology” and laid out its vision for a passwordless future. This latest announcement, therefore, marks a major step towards the company making its vision a reality.

The Trouble With Passwords

Microsoft is not the only company wanting to escape from the many negative aspects of relying on password-based logins. Some of the key challenges with passwords are:

– They are a target for attacks. For example, one in every 250 corporate accounts is compromised each month, and 579 password attacks every second (18 billion every year).

– They’re inconvenient and difficult to manage across multiple accounts. For example, users are expected to create complex and unique passwords, remember them, and change them frequently. Also, 20 to 50 per cent of all help desk calls are for password resets (Gartner).

– They’re open to human error. People often choose passwords that are too simple (and very easy to remember), which makes them more vulnerable to being cracked. Also, password sharing (using the same password for multiple websites/platforms) increases the risk.

“The Passwordless Future is Here”

Microsoft has, therefore, announced that in line with its vision of the passwordless future, with immediate effect (and the rollout time over the coming weeks) its users can completely remove the need to use a password for their Microsoft accounts. Microsoft says that instead of a password-based login, users can now choose to use the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to the user’s phone or email to sign in to Microsoft’s apps and services including Outlook, OneDrive, Microsoft Family Safety, and more. Microsoft says that those who have two-factor authentication will need to have access to two different recovery methods.

Like Microsoft’s In-House Passwordless System

Microsoft says that almost 100 per cent of its employees already use the new, more secure system for their corporate account and when passwordless login is enabled, users re-logging in to a Microsoft accounts are asked to give their fingerprint, or other secure unlock, on their mobile phone.

What Does This Mean For Your Business?

Businesses need to make sure that their IT systems are secure and compliant. Also, businesses need to be sure that users, perhaps in different locations (remote or hybrid working), can access their accounts (convenience) and maintain the company’s security at the same time. This bold move by Microsoft seems to tick these boxes and can be a way to help businesses to stay one good step away from cybercriminals who have already found many ways to beat password-based systems. Passorwordless and biometric systems have been highlighted, for a few years now, as the way forward, and Microsoft has now taken the first big step towards this.

You May Also Like…

0 Comments

Why Choose Pronetic

We Are ISO 27001 & Cyber Essentials Plus Certified

Be reassured that we have been externally audited. You can have complete peace of mind that the team managing your IT systems and safeguarding your data are independently vetted annually.

Seamless & Comprehensive IT Support

Our investment in people, tools and processes, continuously improved, ensures that we don’t just deliver exceptional I.T. support but include your compliance to Cyber Essentials or ISO 27001 “baked-in”. Yes, that means no more annual headaches and stress when your certification comes round.

Expert Support Money Back Guarantee

We're confident in the value we deliver. That's why we offer a 90-day, no-quibble money-back guarantee. If, for any reason, you're not completely satisfied with our IT support services, we'll provide a full refund and cancel your contract without any hassle.

Book Your Free IT Strategy Call Now!

Simply Fill In The Form Below To Receive Your Free IT Strategy Call:

By submitting this form, you consent to us using your personal information to contact you. For more information please see our privacy policy.