Microsoft just took another big step towards getting rid of passwords forever


By Liam Tung | September 15, 2021 — 13:06 GMT (14:06 BST) | Topic: Enterprise Software


Microsoft is extending its passwordless sign-in option from enterprise customers that use Azure Active Directory (AAD) to consumer Microsoft accounts on Windows 10 and Windows 11 PCs. 

Microsoft apps that still require a password include: 

- Xbox 360 or earlier
- Office 2010 or earlier
- Office for Mac 2011 or earlier
- Products and services which use IMAP and POP email services
- Windows 7, Windows 8.1, Windows 10 1809 or earlier
- Some Windows features including Remote Desktop and Credential Manager

The push for passwordless sign-in has been a multi-year effort at Microsoft and has required work to develop specifications for FIDO, the organization driving two-factor authentication and passwordless standards, Alex Simons, corporate vice president of Microsoft Identity, tells ZDNet.

“That was a modification of the Windows Hello protocol we originally created for Microsoft use. Google and Microsoft submitted that together through FIDO and over time we had a bunch of work and we have today what we know as WebAuthn and all of the supporting standards that make FIDO2 possible.” 

Simons explains that the support for passwordless sign-in with consumer Microsoft accounts means that end-users can completely remove passwords as a sign-in option. That, effectively, can close off the threat of password spraying attacks for Microsoft accounts and encourages consumers to use alternative sign-in methods for accessing Microsoft accounts. 

“For the first time we’re giving Microsoft account users not just the chance to use passwordless authentication, which they’ve had for years now, but actually the ability to go in and completely remove their passwords. So you can basically block sign-in with passwords to your Microsoft account and always insist on a passwordless factor that could be Windows Hello or a FIDO2 key from partners like YubiKey, or the Authenticator app,” says Simons.

“We’re also pushing Apple and Google to support the standard natively,” he adds. 
