Passwordless Authentication what is it, how does it work, and why would I want it?

There is a fine line between being secure and being productive in the work environment.  Passwords are no exception when it comes to security vs. productivity.

Whether signing in to computers, productivity applications, online accounts, or mobile devices, passwords are somehow involved.  Oftentimes, we use the same passwords for multiple accounts because it would be nearly impossible to come up with a new password for every account.  Then, the password ends up getting written down somewhere, thereby completely negating the purpose of the password.

Nowadays, the way to combat the password dilemma is with Multi-Factor Authentication.  Not only do you need your password, but you also need that token.  This method is definitely secure and will make it very difficult for bad actors to compromise accounts.  However, this solution impedes productivity.  So what can we do to remain secure and productive at the same time?

Well, say hello to Passwordless Authentication!

What is it you ask?

Passwordless Authentication is a way to authenticate without the need for a password.  Yes, you read that right – no password.  That’s the simple answer!

How does it work?

The answer depends on the technology in use.  Microsoft, Apple, and Google are all offering Passwordless authentication methods.  For this article, we will focus on Microsoft.  The technical configuration is beyond the scope of this article so we will focus on the end-user experience.  Passwordless authentication can be accomplished in one of three ways for Microsoft 365 and Microsoft Live accounts – Microsoft Authenticator, Windows Hello, and FIDO2 token.  Using Microsoft Authenticator as the example for logging into portal.microsoft.com, the steps go like this. 

  1. Enter your email address in the email address field.
  2. Choose the number displayed within Microsoft Authenticator that corresponds with the one displayed on the computer screen. 

It is that simple! 

Because only the individual that has access to the Microsoft Authenticator can see the prompt in question, this becomes not only a way to authenticate without a password but also a notification when someone has attempted to access your account without your knowledge.

Why would I want it?

Convenience and Security… the holy grail of highly secure convenient access. Need we say more.