Getty Images
For years, Microsoft has been working to make passwordless login for Windows and Microsoft accounts a reality, and today these efforts are coming to fruition: The Verge reports that, as of today, users can delete completely your passwords from your Microsoft accounts and choose to trust Microsoft Authenticator or some other form of verification to sign in to new devices. Microsoft added password-free login support for work and school accounts in March, but this is the first time the feature has been offered for older and regular Microsoft accounts.
Accounts without a password enhance security by completely removing passwords from the equation, making it impossible to gain access to the full account information without accessing what you use to verify your identity for two-factor authentication. factors. Even if you protect your Microsoft account with two-factor authentication, an attacker who knows your Microsoft account password can still test that password elsewhere to see if you’ve reused it anywhere. And some forms of two-factor authentication, particularly SMS-based 2FA, have their own security issues.
The warning message you see when you turn on the account function without a password.
Andrew Cunningham
Microsoft has long been offering password-free authentication for Windows 10 and Microsoft accounts, and if you’re already taking advantage of these features, you shouldn’t change anything about signing in to your devices. Just visit your Microsoft account site, go to the Security tab, select “Advanced security options,” and turn on the no-password account feature to completely remove your password.
If you want to leave it completely passwordless, the easiest and most secure way for most people is to use the Microsoft Authenticator app on your phone; if you already have it installed, all you have to do to confirm the removal of your account password is open the app and approve the change. Other authentication applications such as Authy or Google Authenticator will not work with the QR code format that Microsoft uses to enable accounts without a password. You can also use a physical security token such as a Yubikey or a Windows Hello-assisted PC to sign in.