In nearly every cybersecurity attack over the last few decades, you can bet that a bad password came into play. Microsoft is well aware of the problem, and they're tackling it head on!
Microsoft's recent news regarding "Password Removal" may be the biggest step forward in cybersecurity since the invention of multi-factor authentication. And now that we're all using MFA, we can begin the process of ridding ourselves of cumbersome passwords.
What Does Microsoft Password Removal Mean for Businesses?
You can take every precaution in the world, but a password is always going to be a major weak point for every account you have. This means all of your company's sensitive data; client information, HR data, even your finances, are all just one bad password away from being stolen.
We're only human, and all of us have reused an old password at one time or another. You're left with a choice: a password that's secure or a password you'll remember. Rarely do we use something that fits both.
Microsoft's Password Removal keeps your data more secure than it's ever been. The storage situation is still the same, using Microsoft's incredibly secure 365 cloud. All that's changing is the process by which you access your data.
Text passwords that could easily be guessed by humans, or even cracked by brute force attempts have been replaced with a confirmation process that only you can complete. You login to your account, your device asks you to confirm that you're logging in, and you're done!
Password removal takes the most vulnerable part of the process out of the equation and replaces it with a simple button press that only you can complete. While there are no guarantees in life, we think this will prevent thousands of data breaches.
How To Remove Your Microsoft Account Password
For personal accounts, this is an incredibly simple process involving three steps.
- In your 365 account, go to "Advanced Security Options"
- Select "Passwordless Account"
- Follow the on-screen prompt to allow Microsoft Authenticator notifications
The password removal process basically replaces your old text password with an authentication confirmation from your Microsoft Authenticator app. You'll need to have your device handy when logging in, but it still beats having to remember those ever-changing passwords!
Personally, I use my Apple Watch for authenticator app verification. No need to even pick up my phone, just pull up my account, tap the green button on my Watch, and move on with my day!
The authentication process can also be setup to use Windows Hello or even physical security keys. Our suggestion is to use whichever makes your life easier! They are all equally secure and much better than text passwords.
Need help setting up Password Removal for your business? Reach out to us!
Are the Days of Passwords Really Over?
The short answer is no. It's going to take years for all of the accounts we use every day to switch to authenticator apps and leave passwords behind. But, in the meantime, there are some steps you can take on your own to help prevent data loss and account theft.
Use multi-factor authentication on EVERY account
Try not to re-use passwords, and make them as complex as possible
Check the security settings of your accounts to see if a passwordless option is available
We may well be near the end of an era, and anyone who possibly can take advantage of Microsoft's Password Removal option absolutely should, but for now, it's still going to take vigilance and awareness from everyone in your organization to keep your data safe.
Looking for help with your Microsoft 365 environment? Reach out to us, and we'll be happy to help!