Sunday, November 27, 2022

Microsoft’s passwordless option tightens security

Microsoft announced on Wednesday its latest step in securing its Microsoft Outlook and Microsoft OneDrive accounts by welcoming its “passwordless account” option for consumers’ in the upcoming weeks for Windows 10 and Windows 11 PCs.

In March, the Big Tech giant already made this option available for all its corporate accounts as a necessary solution for a common issue circulating around remembering a bundle of passwords to access its services.

“You can completely remove the password from your Microsoft account,” said Vasu Jakkal in a statement, Microsoft corporate vice president of Microsoft Security, Compliance, Identity, and Management division.

“We’re extending that same passwordless technology that we had for commercial earlier this year to consumers. It’s simple to set up. If you have a Microsoft account, you can use the Authenticator app, and within a few steps you can be passwordless,” he added.

One of the leading reasons why Microsoft is taking this drastic measure to up its security procedures is that users typically aim to pick memorable yet bad passwords. The move leaves Microsoft users vulnerable to password spraying attacks where hackers can implement a list of frequently used passwords to gain access to any account.

The software giant’s move will steer a much-simplified way for smartphones to reach a higher security level, such as two-factor authentication (2FA) or multi-factor authentication (MFA).

Microsoft’s Authenticator app delivers through the platform a particular numbered login code available for a limited time. An additional security measure unleashed by the tech titan is Windows Hello, where users can access any account through facial recognition, a fingerprint, or a unique pin.

Also, Microsoft will provide users with an external security key purchased as a USB drive with login information stored on it. In addition, the register a phone number option is currently the most common one.

The software developer’s need to create innovative security patterns derives from the need to guard its networks and servers following a piercing wave of cyberattacks aimed at the company’s infrastructure in the past year.

According to Microsoft’s data, an estimate of 579 password attacks occurs every second, totaling in a colossal 18 billion attack on a yearly basis. Cybersecurity analysts believe the weakest link is human behavior and the tendency to overuse the exact same password for various accounts.

“Weak passwords are the entry for the majority of attacks across enterprises and consumer accounts,” Jakkal stated.

While Microsoft is steering the ship in securing its users’ accounts, other Big Tech firms such as search engine giant Google and iOS maker Apple are marching in its footsteps by offering password ultimatums, such as sending a notification on another device for identity verification.