Microsoft on Tuesday announced the general availability of its phone sign-in for customers with Microsoft accounts — a system that could be the beginning of the end for passwords.

The new system requires that customers add their accounts to the Microsoft Authenticator app, which comes in both iOS and Android versions, noted Alex Simons, director of program management of the Microsoft Identity Division.

After supplying a username, a member will get a mobile phone notification. Tapping “approve” on the app will authenticate the member’s information.

The new phone sign-in process is easier than two-factor authentication, according to Simons. 2FA requires users first to enter passwords, and then to enter a code delivered via text or email.

The new process is safer than password-only systems, in which passwords can be forgotten, stolen for use in a phishing scheme, or otherwise compromised, he said.

Microsoft Authenticator

Microsoft Authenticator, introduced last summer, started out as a replacement for earlier authentication apps, both for enterprise use in Azure AD and consumer use in regular Microsoft accounts. The initial version allowed fingerprint authentication in place of passcodes, and offered support for wearables including Apple Watch and Samsung Gear.

Setting up Microsoft’s new phone sign-in system is easy. If customers already have Microsoft Authenticator for their personal accounts, they can select the dropdown button on the account tile and select “enable phone sign-in.”

Android users will be prompted to set up the authenticator. iPhones will…