The company said on Wednesday that it will introduce a “password-less account” option for all users of several popular services such as Microsoft Outlook and Microsoft OneDrive in the coming weeks. Microsoft previously made this option available for corporate accounts in March.
“You can now completely remove your Microsoft account password,” Vasu Jakkal, vice president of security, compliance and identity, wrote in a blog post on Wednesday.
Microsoft’s change comes after a spike in cyber attacks over the past year. With the majority of corporate workers working from home due to the coronavirus pandemic, hackers have a lot more ways to infiltrate a company’s systems – and compromising passwords is one of their most important strategies. more common. (Microsoft has also had its share of security issues in recent months, with its services linked to multiple high-profile hacks and breaches.)
Passwords can often end up for sale on the dark web, where they are bought and used to hack even more services. Hackers have even attacked password managers that aim to secure login data, with the popular service LastPass hacked in 2015.
According to Microsoft, 579 password attacks take place every second, or up to 18 billion attacks per year. And cybersecurity experts have said the weakest link is human behavior – our tendency to reuse the same password across multiple accounts so that it’s easy to remember, or to create patterns for different passwords that are easy to guess for hackers.
“Weak passwords are the entry point for the majority of attacks on corporate and consumer accounts,” said Jakkal.
Microsoft seems to be leading by example in its efforts to create a password-free future. According to Jakkal, almost all of the company’s employees now log into their corporate accounts without a password.
Other companies such as Google (GOOGL) and Apple (AAPL) also offer password alternatives – sending a notification to another device to verify your identity, for example – but these solutions have not yet completely replaced the need to enter a password.