Microsoft has long been a proponent of passwordless technology and says it wants traditional and insecure passwords to disappear. To this end, it has invested in various solutions over the years, including Windows Hello, Microsoft Authenticator, FIDO2 security keys and a palm authentication system.
Now the company has highlighted the progress it has made to destroy passwords by 2020, and has stated that it plans to make them a thing of the past for all of its customers by 2021.
Microsoft noted that nearly 80% of all cyber attacks target passwords, and one in 250 business accounts is compromised each month. That said, the company is committed to shifting people to passwordless solutions. In November 2019, 100 million people used the passwordless login with Microsoft. This number grew to 150 million by May 2020, showing how millions of people are willing to ditch passwords because of the inconvenience of remembering them, coupled with how insecure they can be.
Throughout 2020, Microsoft participated in several conferences to share its vision of a password-free future and a Zero Trust environment. It also unveiled a preview of Azure Active Directory support for FIDO2 security keys in hybrid environments, as well as a new passwordless wizard through the Microsoft 365 Admin Center. The company worked with multiple security partners in the Microsoft Intelligent Security Association (MISA) to also develop passwordless solutions.
Redmond’s tech giant highlights the following stats from 2020:
- Passwordless usage in Azure Active Directory is up more than 50 percent for Windows Hello for Business, passwordless phone login with Microsoft Authenticator, and FIDO2 security keys.
- More than 150 million users without password in Azure Active Directory and Microsoft consumer accounts.
- The number of consumers using Windows Hello to log in to Windows 10 devices instead of a password grew from 69.4 percent in 2019 to 84.7 percent.
2021 is the year when Microsoft plans to make passwords obsolete for all of its customers. It is currently developing new APIs and a UX for FIDO2 security key management, and is also aiming for a “converged registration portal” where customers can manage their passwordless credentials. While it hopes 2021 will mark a return to the “old normal,” the company has emphasized that using a password will make life on the Internet significantly easier.