Blogs & News
Microsoft password – All users can remove passwords from their account
7 December 2021
In an official blog post, Vasu Jakkal, Microsoft’s Corporate Vice President of Security, Compliance and Identity, announced that the “password-less future is here” for Microsoft users.
What does this mean for the Microsoft password?
The end of the password as the default security measure appears to have moved a little closer as Microsoft announced that all users can use alternative techniques moving forward.
Users can already use password-free security measures to log into their accounts and this ability is being extended to all users from this week.
These features allow users to use identification methods such as fingerprints, facial recognition and authenticator apps instead.
Jakkal said that “weak passwords provided the entry point for most attacks on Microsoft enterprise and consumer accounts, with an average of 579 password attacks occurring every second”. This totals 18 billion password-based attacks every year.
One of the main issues with passwords, is that it is increasingly difficult to come up with passwords that are both secure enough and easy to remember, especially when bringing in multiple symbols, numbers and case sensitivity.
Due to this issue, many people still use personal information such as pets’ names and birthdays.
Weak passwords are still worryingly common
A recent Microsoft survey had revealed that 15% of people used a pet’s name, while 10% reused passwords across different sites or accounts.
In a related blog, Joy Chik, corporate vice president of Identity at Microsoft, added that weak passwords that were popular in 2011, such as ‘123456’ and ‘abc123’, were still commonly used a decade on.
This makes passwords easier to crack using relatively unsophisticated methods, and hackers will often employ techniques such as phishing and ‘password spraying’, which allows them to try a lot of related guesses very quickly.
Customers will need the Microsoft Authenticator app to enable password less mode, and can then use the Windows Hello biometrics system, a security key, or a verification code sent via text or email instead of a password.