- Microsoft announces it will begin offering the ability to sign in with a security key without using a username or password.
- It's one of several options the company has been exploring to help create what it calls a "passwordless future."
- Passwords remain one of the most significant weaknesses in both enterprise and personal use of technology.
Microsoft announced Tuesday it will now support USB security keys, which give Microsoft account holders the ability to log into their computers and accounts without a username or password at all.
The passwords will support users across the range of Microsoft services, including Outlook, Office, OneDrive, Bing, Skype and Xbox Live, according to the company. Microsoft will support keys from well-known names Yubikey and the FEITIAN Biopass key, which retail for between $20 and $60. The keys are USB key fobs that users can insert into their USB-enabled devices.
"Passwords are bad for the planet. They're bad for people. They're the easiest way for attackers to get in, and in the case of account takeovers, they're even a way to force people out," said Rob Lefferts, vice president of security at Microsoft.
The average worker has well over 100 passwords to maintain, and the majority of data breaches that plague companies are the result of some kind of compromise to user passwords, according to several sources, including Microsoft and password security company LastPass.
Microsoft has been advocating for the past several years for a "passwordless future," one that increasingly seems plausible given similar moves by other tech companies to replace or substantially ease the burden of remembering so many nonsense words and special characters.
Alphabet has a key-based offering that's been heavily promoted to power users via its Gmail service, but it still requires users to use passwords alongside the security key. Apple has supported several hardware solutions for accounts, including fingerprint access and facial recognition. All three of these big tech companies have supported built-in password managers and password generators that ease the burden of the huge number of passwords people have to manage.
Microsoft has been one of the biggest advocates for total elimination of passwords, promoting biometric options as part of the Windows Hello service for Windows 10. Hello, which requires biometric readers such as facial recognition, supports access to machines running the Windows 10 operating system and has been adopted by around 70 percent of users who have the biometric hardware, Lefferts said. The company also offers Azure ID for businesses, which allows multifactor authentication such as geolocation and registered devices.
The security keys used by all of these companies are supported by a tech consortium known as the FIDO (Fast Identity Online) Alliance, which has for the past five years supported a variety of technologies meant to move people further away from having to rely on usernames and passwords. Members of the FIDO Alliance include diverse members of the tech, retail and banking industries, including Amazon, Google, Microsoft, Intel, J.P. Morgan Chase and Goldman Sachs.