“For users who choose to take advantage of the system, the new sign-in process will completely do away with passwords…”
Microsoft has announced phone-based sign-in for Microsoft account users.
The process operates via the Microsoft Authenticator app, available on iOS or Android. For users who choose to take advantage of the system, the new sign-in process will completely do away with passwords: Instead, when a user goes to log in with her usual username, she’ll receive a notification on her phone prompting her to approve the sign-in process; a simple tap and she’s in.
Announcing the process on the Enterprise Mobility and Security Blog, Microsoft Identity Division’s Alex Simons asserted that the new system “is easier than standard two-step verification and significantly more secure than only a password, which can be forgotten, phished, or compromised.”
Users still have the option of signing in with a password when their phones aren’t available, or switching back to passwords if they’re not satisfied with the new system.
While the new system does not appear to be as secure as two-factor authentication, which has recently been embraced by major names like Facebook and Instagram, it reflects what appears to be a broader interest on Microsoft’s part in moving beyond password-based security, with the company having established itself as a pioneer of biometric authentication on consumer devices via the Windows Hello security component of its newest operating system.