Building technology that is both secure and easy to use is a tricky proposition. Microsoft is trying to make strides by giving customers a way to sign into their Microsoft accounts with smartphones—but without having to enter passwords.
As explained in a Microsoft blog post on Tuesday, customers must have either the Android or iOS version of the Microsoft Authenticator app on their smartphones, then enter their usernames as usual. Then, instead of keying in a password, they’ll receive notifications on their phones. Tapping the “Approve” notification unlocks the phone.
The goal is to “shift the security burden” from a user’s often-overtaxed memory to his or her device, wrote Alex Simons, director of program management in Microsoft’s Identity Division.
This process is easier than standard two-step verification and significantly more secure than only a password, which can be forgotten, phished, or compromised. Using your phone to sign in with PIN or fingerprint is a seamless way to incorporate two account “proofs” in a way that feels natural and familiar.
In an update, Simons confirmed that there is no analogous feature for Windows Phones. While there is a Windows Phone version of Microsoft Authenticator—as those phones have a tiny slice of the market share—iOS and Android versions were the top priority.