Microsoft password authentication available for personal accounts

3 Min Read

Microsoft has expanded the availability of password authentication support to more users. Consumers with personal Microsoft accounts can now also use access keys to ensure secure logins to their accounts.

Microsoft has rolled out password authentication for several platforms

As passwordless authentication becomes mainstream as a secure login alternative, Microsoft is also expanding support for passkey authentication for its users. Previously available to sign in to websites and apps, Microsoft users can now use this password authentication method for their personal Microsoft accounts as well.

According to a recent after of the two Microsoft officials, Vasu Jakkal, Corporate VP of Security, Compliance, Identity, and Management, and ByJoy Chik, President, Identity & Network Access, stated that users can now use their usual passwordless device locks, such as their fingerprint scans, facial recognition, and device PINs as passcodes to protect their accounts.

As for how it works, the officials were quick to shed light on the technology in their post. Basically, password keys work using a pair of cryptographic keys. One of these is stored on the user’s device, which corresponds to the user’s passcode (biometric scan or PIN), and the other is stored with the respective website or web for which the users have set the passcode.

A unique key pair is used for each site or app. So even though the user seemingly only uses one factor to log in with password authentication and reuses it a few times for the other apps, this eliminates the risks associated with a similar practice of using the same passwords.

See also  The Fall Guy VOD, Streaming and DVD Release Dates

Additionally, this also prevents the other site or app from knowing your exact password method, protecting your login from potential breaches.

There are risks associated with synchronizing passwords – researchers fear

While Microsoft’s password authentication sounds more secure and convenient, researchers fear it still has some privacy risks. That’s because Microsoft has introduced password sync with this feature, which means your passkeys will be available across multiple devices.

Microsoft believes that this password synchronization saves users from the hassle of managing/accessing passwords in the event of upgrades or loss of devices.

However, researchers fear that this could compromise the passkeys if an adversary successfully gains access to the passkeys on one of the devices.

For now, we’ll leave it up to our readers to decide whether to use Microsoft Passkey authentication. Users interested in setting up this login method can find the relevant settings in their Microsoft accounts (follow the steps indicated here if you have trouble setting it up.)

Let us know your thoughts in the comments.

Share This Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *