This post has been republished via RSS; it originally appeared at: Azure Active Directory Identity Blog articles.
In this series, Microsoft identity team members share their reasons for loving passwordless authentication (and why you should too!). Today, Alex Weinert continues this series.
In previous blogs in this series, we shared how passwords lead to breaches, lost productivity and support calls. I also shared how biometrics local to each device provide a secure and convenient way to authenticate with a simple gesture from the user.
Your identity companion, the Microsoft Authenticator app, is a great example. It allows you to sign into your Microsoft identities (personal, work or school) by responding to a notification with a quick scan of your face, swipe of your finger or entry of your phone passcode. By combining your device and the biometric, it is not just simpler than a password, but inherently multifactor.
Most of us keep our mobile phone in easy grabbing distance, no matter what we’re doing. Using Authenticator on your mobile phone, you can easily approve sign-ins on any device and into any app. There is no password to type, SMS code to round-trip, or robocall to answer! Moreover, security measures such as matching a number at the time of approving a sign-in help prevent accidental approval, and the app can provide context and security notifications much richer than anything possible in text messages.
Figure 1: Number matching experience
If you have a smart watch, you don’t even have to take your phone out of your pocket while logging into your Microsoft account. (Every time I approve on my watch I feel like I am an extra in a cool sci-fi series – when my kid saw me do it, he finally thought Authentication was cool!)
For enterprises, when most of your workforce is remote, Microsoft Authenticator can be one of the easiest and fastest mechanisms to rollout. It is also the most cost effective. Users can download the app on their phones and setup an account in seconds. There is no additional hardware to carry and you can approve sign-ins on any device in the world. Passwordless authentication with Microsoft Authenticator also meets NIST 800-63 Authentication Assurance Level 2.
For end-users, the authentication experience matters the most. Microsoft Authenticator is one of the most highly rated authenticator apps in the world. As of February 2021, it tops its peers with a rating of 4.8 stars on Apple App store and 4.7 stars on Google Play store. Authenticator provides users great security with convenience and we are constantly innovating it with new capabilities.
In summary, Microsoft Authenticator may be the easiest and most affordable way to go passwordless for you and your users. There is no additional hardware to carry, passwords to remember or type, SMS to copy or phone calls to attend while signing in. You tap a notification, provide your biometrics and you are logged into any device you want. All this with secure multifactor authentication.
Stay tuned for more in the series! We’ll share how passwordless credentials can protect you from top attacks and we’ll dive into setup and recovery of passwordless credentials.
Check out the other posts in this series:
- Temporary Access Pass is now in preview
- What's New in Passwordless Standards, 2021 edition!
- 10 Reasons to Love Passwordless #1: FIDO Rocks
- 10 Reasons to Love Passwordless #2: NIST Compliance
- 10 Reasons to Love Passwordless #3: Why biometrics and passwordless are a dream combination
- 10 Reasons to Love Passwordless #4: Secure your digital estate, while securing your bottom line
- 10 Reasons to Love Passwordless #5: The Ease of Use and Portability of Security Keys
- 10 Reasons to Love Passwordless #6: The Passwordless Funnel
- 10 Reasons to Love Passwordless #7: Authenticator app for easy phone sign in
- 10 Reasons to Love Passwordless #8: You won't get phished!
- 10 Reasons to Love Passwordless #9: Onboard without a password
- 10 Reasons to Love Passwordless #10: Never use a password
Learn more about Microsoft identity:
- Return to the Azure Active Directory Identity blog home
- Join the conversation on Twitter and LinkedIn
- Share product suggestions on the Azure Feedback Forum