Going passwordless? Microsoft has the tools for your business

Scammers send countless spoofed emails that try to lure you to fake login pages and have you divulge your username and password. Hackers infect your business’s computers with keyloggers in the hopes of recording users’ account credentials. With so many cyberthreats gunning for your passwords, it won’t be surprising if you want to stop using passwords altogether — especially when Microsoft appears to have gotten tired of them as well.

Microsoft has introduced a couple of passwordless tools that users of their software can use to keep their data and their systems safe.

Before anything else, what does going passwordless mean?

Going passwordless means revamping your cybersecurity system so that your business will no longer have to rely on passwords to protect your data from unauthorized access and theft. Using passwords as part of your company’s security strategy actually inconveniences staff and users, as this demands the following from them:

• Longer, more complex, and hard-to-remember passwords (which hackers can steal by phishing)
• Password replacements every couple of months (which makes users tweak old passwords in a predictable or easy-to-guess way)
• Password resets whenever they forget their passwords
• Unique passwords for every account
• Additional authentication steps (which makes the process of accessing accounts tedious)

In short, going passwordless means opting for cybersecurity tools that are both easier to use and more effective at keeping your company secure than password-based solutions.

Moreover, if you haven’t automated your password reset process yet, you’d know how expensive it is to have your IT team handle password reset requests. Going passwordless will therefore also mean cutting out costs related to maintaining password-centric security systems.

What passwordless tools does Microsoft have for their users?

As of this writing, Microsoft offers three types of passwordless tools, namely biometric scans, one-time passcodes (OTPs), and hardware security keys.

Biometrics

With biometrics, the user’s own unique characteristics become the keys for unlocking their accounts. Depending on the use case, you can opt for fingerprint scans, iris scans, and facial recognition. These promote ease of use while granting high degrees of security because people will literally always have such “keys” on their bodies, and these keys are very difficult to copy or steal.

Windows Hello, Microsoft’s tool for letting users gain quick and secure access to their Windows 10 devices, utilizes biometrics as a primary way to authenticate a user’s identity.

One-time passcodes

OTPs are security tokens generated by an authenticator app (such as Microsoft Authenticator) in the user’s smartphone and act as identity verification keys that grant that user access to their account. In this scenario, the smartphone is unlocked either by scanning the user’s fingerprint or entering a PIN code registered to and known only by that user. This makes the user’s possession of their device a marker of their identity. Therefore, when the user enters an OTP generated from that phone, they’re showing proof that it’s really them who are trying to get into their account.

Hardware security keys

The last type of passwordless tool offered by Microsoft is the hardware security key. These are literally like car keys or keys to your front door, but instead come in the form of hardware such as USB thumb drives or near-field communication smart cards. A user can have their credentials stored in the security keys so that they can then use these keys to open their Windows user account, online Microsoft accounts, and accounts associated with their Microsoft Edge browser.

While some applications will only require one authentication factor, the most secure passwordless systems utilize multifactor authentication, which requires at least two types of passwordless tools.

What tools you apply will depend on what you want to secure and how you want to secure it. To learn more about Microsoft’s passwordless options and which tools best suit your business’s needs, turn to our Microsoft experts at [company_short]. Get a free quote for your project or call us at 801-747-3200 today.