When it comes to passwords, we are expected to create complex and unique passwords, remember them, and change them frequently, and let’s be honest, nobody likes doing that. It’s time-consuming, and likely a waste of time when the new password is forgotten!

WHAT IS PASSWORDLESS?

Microsoft have been promising for some years that the future for Microsoft accounts are passwordless and with the increasing digitisation of services across all industries, other tech giants such as Google and Apple are pushing for new security measures to keep their customer’s documents and sensitive information secure.

And it’s starting to happen, we’re now seeing passwordless sign in options come into full fruition, with the option now available to completely remove the password from your Microsoft account.

So why is this happening?

In the past, users have had to manage, store, and remember multiple passwords for many accounts. With most tech users managing about 100 passwords on average, keeping this amount of data secure is not only a burden, but it also brings significant security ramifications with it.

We’ve all done it. There’s a huge percentage of tech users who do not use more than one password for their accounts. Yes, that’s use the same password for all of their accounts, or using versions of the same password across all their accounts, most commonly, adding a number like 123 on to the end of it.

To address these security issues, combined efforts by Apple, Google, and Microsoft have led to the advent of passwordless logins. Users are now able to use their smartphones to authenticate sign in and the system is expected to unlock access across different platforms.

and how will it work?

Well, biometrics, mostly.

So that’s using your fingerprint or your facial features to confirm you are who you say you are.

Biometric authentication is extensive and accurate, allowing only the right people access to the right accounts. This method alone noticeably reduces criminal activity, making it a greater challenge for even the most experienced hackers to crack.

Last week, Google officially rolled out support for Passkeys, the next-generation authentication standard, to both Android and Chrome.

Passkeys, established by the FIDO Alliance and also backed by Apple & Microsoft, aim to replace standard passwords with unique digital keys that are stored locally on the device.

To sign into a website on your computer, you’ll just need your phone nearby and you’ll simply be prompted to unlock it for access. Once you’ve done this, you won’t need your phone again and you can sign in by just unlocking your computer. Even if you lose your phone, your passkeys will securely sync to your new phone from cloud backup, allowing you to pick up right where your old device left off.

And for Microsoft, rather than using the password, authentication would be done via Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email to sign in to your apps and services, such as Microsoft Outlook.

So how does the future look?

 Passwords have taken a long time to come around to where we are today, and the tech companies are under no illusion – it will still take time for this technology to be available on everyone’s devices and for website and app developers to take advantage of them. Passwords will continue to be part of our lives as we make this transition.

So until then, we’d always recommend best password practise. Make your passwords as unique as you can – use a password manager (such as LastPass or Keeper) if you don’t think you’ll be able to remember them! Turn on MFA wherever possible and be cautious of emails asking for personal information.