The password has long been considered as the weakest link in online security.
Cybercriminals use phishing scams, data breaches, password reuse and brute force attacks to steal your credentials in plain sight in hopes of breaking into your personal accounts.
Although you can employ specific strategies to protect your accounts like crafting long and unique passwords across all your accounts and password managers, we could all agree that the old password system is clunky and extremely susceptible to various attacks.
To address this perennial problem, Microsoft’s grand plan is to get rid of the password altogether and have something better take its place.
Read on and see all the exciting new developments in Microsoft’s bid to kill the password.
Two years ago, Microsoft introduced its new scheme to skip the outdated password security system with Windows Hello, a biometric authentication feature for Windows 10 systems.
This new layer of security employs facial recognition, iris scanning or fingerprint authentication for user sign-ins, automatically generating and storing authentication keys securely.
Additionally, this feature can also use two-factor authentication via the Microsoft Authenticator app to verify users. With this technology, users can register another supported device, such as another laptop or a Windows phone, then use it to unlock a Windows 10 machine via a PIN or gesture.
Fun fact: Our fingerprints are developed while we’re still in our mother’s womb. They gain their unique shapes based on our movement and location in the womb plus the makeup of our mother’s amniotic fluid.
Windows Hello now works with cloud apps
Now, Microsoft has just expanded the use of its biometric and two-factor authentication systems to applications using the Azure Active Directory (AD) to authenticate users. This bid to get rid of the password extends to Microsoft’s cloud-based application like Office 365 as well.
Although Azure accounts can already use the Microsoft Authenticator app for two-factor authentication, the codes can now be combined with either biometric authentication (fingerprints, facial scans, etc.) or a secure PIN for added security.
Why is this significant? This is a big deal for the hundreds of thousands of third-party apps that use the Azure Active Directory to authenticate its users. Hopefully, with app developers on board, we’ll all be closer to a password-free world.
How Windows Hello works
Here’s a refresher on how Windows Hello works. After downloading the Microsoft Authenticator App, use it to set up your Windows 10 PC. You’ll be able to go through the out-of-box experience, set up Windows Hello and access all your favorite apps and services — all without ever having to enter your password.
This system can essentially make your future Windows PC and app experiences password-free. If you have Windows Hello set up, you won’t see passwords anywhere in the Windows experience – not on the unlock screen nor in sign-in options.
You might be leery about using an Authenticator App, thinking it’s a hassle and adds unnecessary steps. But it’s actually easier than remembering all those passwords that you need as of now. Plus, it’s more secure than using passwords. This type of feature could be the wave of the future.
Additionally, companies who use Azure and Enterprise apps can now use the Microsoft Security Score tool to help shore up their organizations against cyberattacks. Although this tool already covers Office 365, it has been expanded to include Azure AD, Azure Security Center, and Enterprise Mobility + Security, as well. This tool provides a report-card style score to measure a company’s cybersecurity.
Not only that, but Microsoft Threat Protection has been launched for Microsoft 365 subscribers too. With Microsoft Threat Protection, companies can now be alerted when it detects suspicious behavior such as odd login attempts, unexpected program crashes, strange network activity and unauthorized file modifications.