Users of Microsoft services such as Outlook, Office 365, OneDrive, Skype, and Xbox Live will now get to enjoy the benefits of not having to remember their passwords. With physical hardware keys that use FIDO2 technology, access to a Microsoft account is as simple as plugging the key into a USB port or using Bluetooth or NFC to pair a phone to the key.
Initially, the keys were used as part of a two-factor authentication policy, but new browser technology has enabled the elimination of the password requirement. Microsoft's no-password logon process now offers three options:
- Hardware key & Windows Hello facial or fingerprint recognition
- Hardware key & PIN
- A phone running the Microsoft Authenticator app
After a generation of having to remember your passwords, switching to (and maintaining) physical keys may seem like a big change. However, time and time again passwords are swiped in data breaches, and they are especially vulnerable because many of us reuse passwords across platforms. Two-step authentication is a step in the right direction to protect accounts, but the confirmation codes sent in the two-step authentication process can be intercepted.
Google has had remarkable data security success by switching its employees to physical keys, and now offers a physical key for its users. It isn't alone: Dropbox, Twitter, Facebook, GitHub, LastPass, 1Password, and Dashlane all offer hardware-augmented login features.
This article was based on a November 20, 2018 CNET article by Stephen Shankland.