Online security, it’s important, it’s hard and as a result so many people just don’t practice good online security habits. Microsoft is hoping to improve that by just getting rid of the need for a password altogether, sort of.
In a blog post this morning Microsoft unveiled an update to their Android (and iOS) authenticator app that brings a whole new way of signing in to your account. Rather than the traditional password and 2FA code of some sort, Microsoft is using your phone as your password.
If you don’t have the Microsoft Authenticator App installed you’ll need to grab that from the Play Store and set it up. The next time you try to log in to a Microsoft account you’ll now have an option to “Use the Microsoft Authenticator App instead”.
As above you will now see a 2 digit number on the log-in screen, being 54 in this instance. From there you will get a notification on your Android device tap on and select the same number from the 3 numbers shown, click approve and then a security authentication page will pop up, either authenticate via fingerprint, pin or however you normally do with Android. After that, you’ll be logged in.
While this is a great system, and I will be using it for my Microsoft account going forward it, does have some drawbacks and does not eliminate the need to use strong, unique passwords for all of your accounts. Firstly, and somewhat obviously, this only works when you have your phone, that’s not a biggie. Secondly, it only works when you have an active data connection, this can be more troublesome.
I routinely am in a situation where I have a hardwired PC but not wireless internet on my phone. This is why it’s not really a replacement for a password, and still requires you to have strong unique passwords for your accounts, you’re going to need your Password and authentication code as a backup. All of that said I welcome anything that makes security easier and more accessible.