Passwordless
And any web service which is accessed less frequently, we probably start with the "forgot password" option which emails us a recovery link. Then there are password managers which themselves are a mess. I have always had issues trusting them fully. Probably one useful thing they offer are statistics. E.G., Google Chrome tells me I have about 300 passwords to various web sites. 300 is obviously not manageable in any way and many of these are the same, which creates a problem of a leak on one site affecting many other sites.
So how about getting rid of passwords at all?
The good news is we are getting there. And - surprisingly - Microsoft seems to be leading this effort. I have just discovered it is possible to use all of Microsoft services (that includes Office 365, Skype and others) completely passwordless. Just install the Microsoft Authenticator App. The process is very simple, allows you to associate multiple accounts (e.g., a business account and a personal account). Then make sure the "Passwordless" option is enabled as well as link non-Microsoft services. I have also been successful to replace the native Google Authenticator app with the Microsoft Authenticator for my Gmail! But at this moment Gmail still requires a password, using the Authenticator as a 2nd factor only. I wonder what security strength is compromised by still requiring passwords. It seems not much, and if this is the case, we may quickly see variety of 3rd party services offering this passwordless option. Hey, what a relief that would really be!
Comments
Post a Comment