Microsoft hits “forget password”, ditches passwords for login
If you’re one of the many people that constantly forget your login password, Microsoft is looking at you and telling you they have your back. The Redmond major is abandoning passwords for logins and giving users the option of using its Authenticator app, Windows Hello, a physical security key, and SMS or emailed codes to access their accounts.
Why this move?
The reasoning for this is fairly simple; every second, 579 password attacks occur, adding up to 18 billion a year. At some point, human-generated passwords were going to be rendered redundant anyways, much like we use biometric logins for our phones.
Microsoft isn’t the first to do this either; Apple and Google are trialing their own programs too. With this, Microsoft made good on a promise made last spring, where they laid out a vision of bringing passwordless authentication to everyone.
The problem with passwords
It’s not just that hackers can easily compromise accounts using the same unsophisticated tactics that they’ve used for decades, or that it’s human nature to either forget a password or not create a password complex enough to be relatively uncrackable. The bigger challenge is from a business perspective. Studies show that one in three users would completely stop using an account or service rather than dealing with a lost password. There is thus a business argument to be made for this as well, more than from a technical standpoint. Either way, it’s a transition to a less complex, more reading interaction with the services we use.