It’s no secret that Microsoft is betting on a world without passwords. This, which at first glance may seem terrifying in cybersecurity forums, has its explanation. If we don’t use passwords, we will need to use other authentication methods. Multi-factor authentication and its principles come into play: something you know, something you have, and something you are.
With that in mind, the Redmonds have developed new ways to connect to Microsoft 365 and Azure Active Directory. In other words, Microsoft’s enterprise platform users won’t have to use passwords to sign in to Windows 10, Office apps, or Microsoft software-based web services.
Microsoft 365 will have several alternatives to passwords
Basically, passwordless authentication relies on biometric factors, external apps, or FIDO2 devices. For example, we can log in using Windows Hello facial or fingerprint recognition. This way, we didn’t have to enter a password and it’s a unique factor for each user.
Another alternative is to approve the connection from Microsoft Authenticator. When logging in, we will be asked to click on a given number in Microsoft Authenticator, which previously we should have accessed with our fingerprint or our smartphone’s authentication method.
Finally, we can also use FIDO2 devices, which are nothing more than USB drives created by Yubico, Feitian or AuthenTrend, which are Microsoft’s trusted brands to login without password. As we can see, we have a wide range of possibilities to connect to devices and services related to Microsoft 365 and Azure Active Directory.
As it could not be otherwise, domain administrators will be able to enable or disable this option and create different policies for users, groups and types of credentials. Additionally, they will be able to see the adoption of this feature across the enterprise with new analytics tools.