Microsoft has said that from today its users can begin removing the password associated with their Microsoft accounts and begin using a new suite of methods to sign in instead.
The tech empire says that going passwordless is “the next generation of account security” and that once a user removes the password from their account, they will need to sign in using one of several passwordless methods, including the Microsoft Authenticator app, Windows Hello, a physical/biometric key like a thumbprint scanner or Microsoft SMS codes.
According to a blog post published by Microsoft, ridding your account of a traditional password and using any of the above methods is actually safer. Passwords have become a cybersecurity risk as of late. Hackers use programs to “brute force” their way into accounts by effectively making a lot of password guesses at once.
This has led to passwords needing to become more complex, making these programs take longer to guess the correct passwords and effectively eliminating the risk. Nowadays some companies will require passwords with at least one capital letter, some numbers, and even a special character. This, plus usual length requirements (“your password is too short”) have made companies like Microsoft design alternatives for ease of use and better security.
“Using alternative sign-in methods like the Microsoft Authenticator App, physical security keys, and biometrics are more secure than traditional passwords which can be stolen, hacked, or guessed,” Microsoft writes.
Before removing their password, Microsoft suggests users first install the Microsoft Authenticator app, and that whichever device you’re using has the latest software updates installed.
Following the set-up of the Authenticator app, users should follow these steps to remove their password and set up a different log-in method:
- Sign in to your Microsoft Account Additional security options.
Under Password-free account, select Turn on.
- Follow the prompts to verify your account.
- Approve the request sent to your Microsoft Authenticator app.
Passwords can be reactive on an account at any time, so if a user misses the tried method of inputting a personal password, they can always go back to the original log-in method.