Microsoft has introduced a new passwordless account feature for personal Microsoft accounts, which is gradually being made available to all customers in the upcoming months.
Traditionally, Microsoft accounts, like most user accounts online and offline, necessitate a password for security. Users can enhance their security by enabling two-step verification with Microsoft’s Authenticator app or other methods.
Starting now, users can opt for a passwordless account to access their account, for example, on Windows devices or Microsoft websites, without the need for an account password.
This entails removing the account password and utilizing alternative sign-in methods such as Microsoft’s Authenticator app, Windows Hello, physical security keys, or in some cases, SMS/Email codes.
One prerequisite for this feature is having the Microsoft Authenticator app set up on at least one device and linked to the Microsoft Account. This app may already be in use as part of the two-step verification process.
Note: Some older applications and services do not support passwordless access. Consequently, users won’t be able to sign in to those particular applications if their account is set up as passwordless.
Microsoft specifically mentions products and services like Xbox 360, Office 2010 or earlier, Office for Mac 2011 or earlier, offerings that use IMAP or POP3 email services, Windows 8.1, Windows 7, various Windows features such as Remote Desktop and Credential Manager, and certain command line and task scheduler services.
Enabling Microsoft Passwordless Account
To enable the Passwordless account feature, follow these steps:
- Go to the Microsoft account website and log in to the account where you want to activate the passwordless feature.
- Scroll down to Additional security.
- Click on the Turn on option under Passwordless account.
Upon visiting this page, you will find pertinent information about the feature.
Enabling a passwordless account lowers the risk of phishing and password-related attacks.
To commence the setup, click Next, then authorize the request from the Microsoft Authenticator app on your smartphone to eliminate your password.
After removing your password, you might lose access to older apps, services, and devices.
Click on the Next button to proceed further. You will be prompted to verify the removal of the password using the Authenticator app. Upon completion, you will receive a confirmation page stating “password removed.”
When logging in, you will no longer be required to enter your account password; instead, you will need to verify the sign-in through the Authenticator app. This process is swift but necessitates having the Microsoft Authenticator app available for sign-in.
In case users do not have access to the Microsoft Authenticator app, they can still sign in by utilizing alternate recovery methods such as backup email addresses or text messages. It is crucial to set these up prior to activating the passwordless account feature. The setup options are provided on the same page where passwordless account is turned on or off.
To reintroduce passwords to the account, users can simply follow the steps mentioned above, select the “turn off” option under passwordless account, proceed with the instructions, and set a new account password.
Administrators in Enterprise and Education settings can find detailed instructions for enabling passwordless sign-ins here.
Image Source: Pixabay