Microsoft has released their passwordless option to users this past week. Multiple factors of authentication will always be your most secure login process. However, instead of the password being your primary authentication method and using an authentication app or SMS code as the secondary method, you can now now use biometrics as primary and the authenticator app or secure key as secondary. This allows you to remove the password from the account altogether. This is being deemed a safer, more secure method of authentication. Is that truly the case?
Well, that depends. Are you one of the billions of people that uses the same password across multiple websites? If you aren’t using strong, unique passwords across the variety of sites you use, then yes, going passwordless is a great option. It eliminates a means of your password being exposed on the dark web and your credentials being used successfully on a different site.
However, if you use a strong, unique password for each site (with the help of a password manager) then it is better to have 2 authentication methods, rather than one. Perhaps you’d rather switch the order of which one is entered first, but still maintain both methods.
You may have heard us say this in other posts, but cybersecurity is just one big bear chase. You don’t have to outrun the bear; You just have to outrun other users. Whether you go passwordless and protect the one password you’ve been using since highschool or you continue to use a secure password and multifactor authentication, it’s better than just a weak password.
We wish you luck in the bear chase. Click here to watch a video about the benefits of going passwordless.