X

Microsoft promises to ease the pains of going passwordless

Roughly 200 million people using Microsoft services already have made the jump past passwords.

Stephen Shankland Former Principal Writer
Stephen Shankland worked at CNET from 1998 to 2024 and wrote about processors, digital photography, AI, quantum computing, computer science, materials science, supercomputers, drones, browsers, 3D printing, USB, and new computing technology in general. He has a soft spot in his heart for standards groups and I/O interfaces. His first big scoop was about radioactive cat poop.
Expertise Processors, semiconductors, web browsers, quantum computing, supercomputers, AI, 3D printing, drones, computer science, physics, programming, materials science, USB, UWB, Android, digital photography, science. Credentials
  • Shankland covered the tech industry for more than 25 years and was a science writer for five years before that. He has deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and more.
Stephen Shankland
2 min read
Yubico's YubiKeys can make login more secure and help you move beyond passwords.

Yubico's YubiKeys can make login more secure and help you move beyond passwords.

Stephen Shankland/CNET

Microsoft is updating its widely used cloud computing technology to make it easier for millions of us to dump our passwords.

The tech giant is making passwordless login a standard feature for Azure Active Directory, a cloud-based service customers can use to handle their employees' login chores, the company said at its Ignite conference on Tuesday. The three-day conference, held online this year because of the COVID-19 pandemic, is geared for IT and other tech staff who use Microsoft's products.

In another update, Microsoft is smoothing out a potential difficulty of going passwordless with a new technology called Temporary Access Pass, which makes it easier for users to enroll in new services without generating a password. It's a one-time, short-term login code IT managers can send users for their initial login. It's also useful for recovering account access in the event of a problem, like losing a security key or phone used for login. It's only available as a preview technology so far, though.

The software behemoth's effort to move past passwords comes amid growing recognition of their limitations for authentication. We pick bad passwords, reuse them and often forget them. When stolen, hackers sell them to anyone who wants to try breaking into our accounts. One security site, Have I Been Pwned, has tallied more than 613 million stolen passwords.

That's why security professionals are moving to augment passwords with other authentication systems such as biometrics, like Windows Hello or Apple's Face ID, and hardware security keys like Yubico's YubiKeys.

Standards developed by the FIDO Alliance are designed to let you dump passwords altogether. The standards are built into hardware security keys and dovetail with technology like fingerprint or face recognition. They also guard against phishing efforts to steer you to fake websites designed to harvest login information that can be used to steal your money and your identity, because FIDO login credentials only work on the genuine website to which they're linked.

Microsoft's efforts at going passwordless are bearing fruit. Roughly 200 million people have enabled passwordless login for Microsoft services, such as Outlook and Xbox Live, according to Joy Chik, who runs the company's identity products. That's up a third from the 150 million people who had enabled passwordless login as of last May. 

Many of those still use passwords as a login fallback, Chik said, but starting the spring, Microsoft will let people remove their old passwords and go completely passwordless.