Microsoft is to offer subscribers password-free access to their accounts — it had been doing so for corporate customers since last March — and by popularizing its use, is moving closer to a future in which passwords will give way to much more efficient and secure authentication systems.

The feature requires downloading Microsoft Authenticator, which will require permissions to send notifications and a secure authentication system such as FaceID or the user’s fingerprint (or, alternatively, Windows Hello, the use of a physical security key or a verification code sent via SMS or email). After installing an authentication method, we just have to define in our account profile that we want to use it, forget our password. The option, according to the company, will be introduced over the next few weeks.

Many apps now offer such authentication methods, but Microsoft’s move means a new phase in the popularization of this type of procedure, with all that this entails.

The password and the myths surrounding its use are responsible for many organizations’ security problems. Successive attempts to make passwords more secure through procedures such as instructing users to select passwords according to certain requirements (uppercase, lowercase, numbers, special characters, squirrel noises, etc), supplying them with passwords with these requirements that they could not change, or asking them to change them, or asking them to change them from time to time, have hindered people trying to gain irregular access to the systems, or even generated additional problems when, unable to memorize their passwords, we write them down on a post-it note on the screen. On other occasions, passwords were captured through more or less sophisticated phishing schemes that forced us to be wary of everything.

Ultimately, reducing the security culture to being able to memorize a password, which, to make matters worse, people reused across numerous services, prevented many of us from understanding the importance of the question, and from making mistakes that systematically made us more vulnerable. The use of password managers improved things and at least took many users to the next level, that of knowing by heart only the master password they used for the password manager, but in practice, they seemed overly complicated to many people.

Systems based on authenticators or second factors are much more secure, are simple to use and, although they take a little longer than a password, have far more advantages. The fact that Microsoft has decided to offer them as an option is definitely good news for security. Other companies like Google and Apple are working on similar schemes, which means that the password, hopefully in the not-too-distant future, will be consigned to history. Now is a good time to consider whether our company offers password-based services, and how advisable it might be to join this trend and stop forcing our users to keep memorizing strange words with 1Mp0$$iBL3 spellings, which are of little use…

http://www.enriquedans.com
Contributor

Recently Published

This article was originally published here: Terence Clarke – Founder of CastleCourt, DailyCoach and GrowthHub Terence Clarke believes that everyone has the answers to life’s questions and, as a coach, it is for him to help them find them. What’s your story? Born in Ireland, I grew up in England and I’ve lived and studied […]

Top Picks

Key Takeaways: Cryptocurrency exchanges are sometimes described as being like stock exchanges. But they are very different to the likes of the London or New York stock exchanges, which are highly regulated and serve a regulatory function. Cryptocurrency exchanges make money by helping “mum and dad” investors into the market. Seven of the world’s ten biggest crypto […]

Trending

I highly recommend reading the McKinsey Global Institute’s new report, “Reskilling China: Transforming The World’s Largest Workforce Into Lifelong Learners”, which focuses on the country’s biggest employment challenge, re-training its workforce and the adoption of practices such as lifelong learning to address the growing digital transformation of its productive fabric. How to transform the country […]

Join our Newsletter

Get our monthly recap with the latest news, articles and resources.

Login

Welcome to Empirics

We are glad you have decided to join our mission of gathering the collective knowledge of Asia!
Join Empirics