Microsoft is looking to permanently abandon password-based user authentication, replacing it with a system that uses access keys and identity confirmation methods based on biometrics.
According to a post on the Microsoft Entra blog, Microsoft is working intensively on new login screens, in which users will no longer see a request for a password. This means that soon hundreds of millions of users of applications such as Outlook, Xbox, Windows, or Microsoft 365 may see such screens on their displays. Various types of password managers may very well become a thing of the past.
Microsoft intends to introduce passwordless user authentication systems to its consumer applications first, and only in a second stage to business applications. It wants to be sure they are thoroughly tested and free from vulnerabilities that could be exploited by hackers. It is possible that the first such login screens will enter applications supporting Xbox consoles this month. They will be based on access keys.
Once the system is live, a user who sets up a new email account will no longer have to create a password. The system will send a one-time security code to their email address with a request to verify it. Only then, after logging in again, will they be asked to create an access key. From that moment on, the access key will become their default login option.
Microsoft also wants to simplify and standardize the entire process of logging in to its services. Currently, depending on how we log in to individual services, we often have to deal with a different screen each time requesting confirmation of our identity, each of which has its own rules. The user often gets lost in all this, often making simple but life-complicating mistakes. The company intends to change this and organize all login screens in such a way that they work in an intuitive and, importantly, similar way.
