Microsoft is beginning to replace passwords with Authenticator, an app that allows users to securely log into their Office 365 and Microsoft accounts using verification on their smartphones.
The iOS and Android app, which is currently being rolled out, allows users to login to their Microsoft accounts with a single tap. When attempting to login to their Microsoft accounts, the app will serve up a notification on a user’s smartphone prompting them to either approve or decline the login.
According to Alex Simons, director of program management at Microsoft’s Identify Division, Authenticator has been designed to get rid of the fiddly pain of trying to remember and enter passwords every time a user wants to login to their Microsoft account.
“Here in the identity division at Microsoft, we don’t like passwords any more than you do! So we’ve been hard at work creating a modern way to sign in that doesn’t require upper and lowercase letters, numbers, a special character, and your favorite emoji,” he said.
“With phone sign-in, we’re shifting the security burden from your memory to your device. Just add your account to the Android or iOS Microsoft Authenticator app, then enter your username as usual when signing in somewhere new. Instead of entering your password, you’ll get a notification on your phone. Unlock your phone, tap “Approve”, and you’re in.
“This process is easier than standard two-step verification and significantly more secure than only a password, which can be forgotten, phished, or compromised. Using your phone to sign in with PIN or fingerprint is a seamless way to incorporate two account “proofs” in a way that feels natural and familiar.”
Google has a similar app in the form of Google Prompt, which required users to confirm their identity. So Microsoft’s app is not breaking any new ground. However, it does highlight how major companies are taking cyber security very seriously, offering their users new ways to protect from unauthorised logins and mitigate some of the damages stolen credentials can yield.
With phishing attacks part of the arsenal of a growing number of cyber attacks, we can foresee other companies providing cloud and web based services following Microsoft and Google in creating their own authentication apps.
Are you a cyber security pro? Take our quiz and find out!
CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation
Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…
Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…