Microsoft is letting you ditch passwords. Here’s how.

Say goodbye to Th3B3stP@ssw0rdEv3r!
Person typing on laptop with their phone on the side
Bye, bye password! MART PRODUCTION / Pexels

Share

Tech companies have been trying to find an easier way for us to access our data for a while, and some have repurposed the power of multi-factor authentication (MFA) to make this dream possible. But this has been limited to more niche or paid platforms

That is until today, when Microsoft started rolling out a passwordless feature to all of its users, allowing them to log in using methods commonly associated with MFA, like security keys, codes sent over text or email, and authenticator apps. The company announced its plans to make passwords optional back in December 2020, and even though other mainstream platforms like Twitter also said they were heading in the same direction, Microsoft is the first one to do it for both enterprise and free accounts. 

If you have a Microsoft account, you’ll be able to access this option within the next few weeks, and finally kiss that annoying eight- to nine-number-and-letter combination with upper and lower case, and at least one special character, goodbye.

How to go passwordless in your Microsoft account 

To check whether you can start logging into your Microsoft account with something other than your password, go to account.microsoft.com and click on Security in the blue navigation bar at the top of the page. Then go to Advanced Security Options, and under Additional Security, you’ll see the Passwordless Account option is off—click Turn on to do just that. 

[Related: How to get started using a password manager]

When you do, a dialog box will ask you to confirm you want to go passwordless and prompt you to approve the change on the Microsoft Authenticator app (free for Android and iOS). On your phone, open the app, tap Approve, and you’ll be good to go. 

How to log in without a password

On the same security screen, you can add as many identity verification options as you want. To add one, click on Add a new way to sign in or verify under Ways to prove who you are.

After that, you’ll see a new dialog box with the different login options you can set up. The first is using an authentication app—you can use Microsoft’s or a third-party app like Google Authenticator or Duo Mobile. If you go for the first option, download the app on your phone and you’ll be able to link your account by signing in directly or scanning a QR code. Just tap the three dots in the upper right corner of your screen and choose Add account. 

If you choose this as your primary login option for your Microsoft account, the login screen will show a two-digit number every time you want to start a new session. At the same time, you’ll receive a prompt on your phone asking you to choose that number from one of three options. Tap on the right number and then tap Approve.

Another straightforward way to access your account is having Microsoft send a one-time code to a secondary email address, or text it to you. You can add as many secondary emails or phone numbers as you want. Keep in mind that text communications can be intercepted both by your network company or third parties. It’s a good idea to set this form of verification, but try using it only as a backup.

A third option is using the Windows Hello feature, which uses the biometric scanner on your device as a way to make sure you are who you say you are. You can only set this up on one device, so you’ll probably want to use it on your primary computer. When you log in, choose to use Windows Hello and a prompt will ask you to swipe your finger on the scanner or show your pretty face, depending on what you chose. Once the system has recognized your features, you’ll be able to access your information.

Last, but definitely not least, you can use a security key or NFC-enabled gadgets as a verification method. To set it up, click on Use a security key, plug it into the dock, tap it, and click Next. A new screen will ask you to name your key so you know which one it is (you can have lots of them) and you’ll be good to go. 

[Related: How to do two-factor authentication like a pro]

Having multiple ways to access your account will make things easier for you if one of them fails, so set up as many as you can. For example, if your phone goes into an endless boot loop and you can’t access your authentication app, you’ll be glad you can receive a code in your inbox. 

Google and Apple have also been working on eliminating passwords from their platforms. They’ve enabled the feature for specific programs or system updates, but passwords are still very much the primary way for their users to access their accounts. Hopefully, Microsoft’s announcement will spark the fire that burns all of our passwords forever. 

 

Win the Holidays with PopSci's Gift Guides

Shopping for, well, anyone? The PopSci team’s holiday gift recommendations mean you’ll never need to buy another last-minute gift card.