If you’re a Microsoft or Windows user, you can now make the switch to a passwordless account that lets you log in using alternative unlocking methods. But just how secure is this new system, and what alternatives are there for businesses?

Microsoft passwordless login

You can now log in to your Microsoft account without a password

Passwordless login has been available for a while now, but only when logging into physical devices. Microsoft recently announced that consumers can now delete the password from their account (or set up a new account with no password), in favour of alternative login methods such as the Microsoft Authenticator app, Windows Hello, or physical security keys.


Is passwordless authentication safe?

Passwordless authentication seems like a relatively new concept but is shown to be just as safe and secure – if not more so – than using a password on its own, as it requires proof of identity through the use of the Microsoft Authenticator app.

Back when passwords were invented, users only had one to remember. Nowadays, the average person has more than 80 accounts, making it impossible to come up with passwords that are strong, memorable and unique for each one. When used properly, passwords are perfectly secure, but with so many people using the same, simple passwords across all accounts (especially without the addition of multi-factor authentication), it’s not difficult for hackers to guess or steal them.

The stakes are high for passwords, given that they are often the only thing standing between all kinds of personal data and the hands of cybercriminals. Getting rid of them might seem counter-intuitive but the new method of logging in is just as secure.


Don’t panic – passwords aren’t going anywhere fast

Microsoft is pioneering the passwordless account and it’s possible that, in years to come, passwords will be a thing of the past.

For now, though, it’s worth noting that going passwordless is completely optional – there’s no need to worry about preparing for all of your accounts to go passwordless just yet.

What’s much more important is enhancing password hygiene across your business and implementing password best practices to ensure the strongest possible security for employees’ accounts.


How to make password-protected business accounts more secure

There are plenty of ways to strengthen your passwords and ensure that cybercriminals can’t access sensitive business information. Here are some of our suggestions:

  • Implement multi-factor authentication: also known as two-factor authentication, MFA adds another layer of security to the login process – once you’ve entered your password, you’ll be asked to enter another piece of information such as a unique code which may be sent to your mobile device or a dedicated authentication application.
  • Invest in password management: Using a password manager will revolutionise the way you log in to your accounts – they help you create and store complex, unique passwords in a secure vault, removing the need to memorise them.
  • Create a culture of cyber security awareness: Staff vigilance is arguably the most important factor in protecting your business from cybercrime, so make sure that all employees are aware of password hygiene and the risks of being complacent.


Keep hackers at bay with our managed cyber security services

Here at Air IT, we want all SMEs to feel confident that their cyber defences are protecting their organisation effectively. We offer a range of services including Managed Cyber Security packages, Penetration Testing, Password Management and User Awareness Training – all managed end-to-end from our in-house Security Operations Centre.

To find out more about our cyber security services, please don’t hesitate to get in touch.