Microsoft is beginning to replace passwords with Authenticator, an app that allows users to securely log into their Office 365 and Microsoft accounts using verification on their smartphones.
The iOS and Android app, which is currently being rolled out, allows users to login to their Microsoft accounts with a single tap. When attempting to login to their Microsoft accounts, the app will serve up a notification on a user’s smartphone prompting them to either approve or decline the login.
According to Alex Simons, director of program management at Microsoft’s Identify Division, Authenticator has been designed to get rid of the fiddly pain of trying to remember and enter passwords every time a user wants to login to their Microsoft account.
“Here in the identity division at Microsoft, we don’t like passwords any more than you do! So we’ve been hard at work creating a modern way to sign in that doesn’t require upper and lowercase letters, numbers, a special character, and your favorite emoji,” he said.
“With phone sign-in, we’re shifting the security burden from your memory to your device. Just add your account to the Android or iOS Microsoft Authenticator app, then enter your username as usual when signing in somewhere new. Instead of entering your password, you’ll get a notification on your phone. Unlock your phone, tap “Approve”, and you’re in.
“This process is easier than standard two-step verification and significantly more secure than only a password, which can be forgotten, phished, or compromised. Using your phone to sign in with PIN or fingerprint is a seamless way to incorporate two account “proofs” in a way that feels natural and familiar.”
Google has a similar app in the form of Google Prompt, which required users to confirm their identity. So Microsoft’s app is not breaking any new ground. However, it does highlight how major companies are taking cyber security very seriously, offering their users new ways to protect from unauthorised logins and mitigate some of the damages stolen credentials can yield.
With phishing attacks part of the arsenal of a growing number of cyber attacks, we can foresee other companies providing cloud and web based services following Microsoft and Google in creating their own authentication apps.
Are you a cyber security pro? Take our quiz and find out!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…