Monday 8 May 2017, Poradnik bezpieczeństwa

Microsoft’s war with the passwords continues – a new Microsoft Account sign-in option without a password

Lost24

Microsoft is enabling a new Microsoft Account sign-in option as a handy addition to the company’s iOS and Android Microsoft Authenticator phone app. Instead of using Microsoft Authenticator for two-step authentication, the app user can sign into the account without a password.

The new feature is available for website sign-ins that require Microsoft Account, such as Outlook.com, Skype.com, and OneDrive.com.

How dose it work?
To enable the feature, the user must first install the Microsoft Authenticator app, then select his or her account from the dropdown button and lastly choose enable phone sign-in. From now one, during logging into a Microsoft Account, a new option “Use the Microsoft Authenticator app instead” will appear at the bottom of the page. Choosing it will generate a login request in which the user needs to match a number on his or her PC with the number within the Microsoft Authenticator app.

In truth, the new feature dose not reduce the time or the number of steps required to sign-in into the account. It was was intended to make the whole logging process far easier and ultimately more secure.

We are curious how secure the new Microsoft authentication proposal really is... and how will the hackers respond to it?