This month, Microsoft expanded a feature they originally released in March that allows users to delete their password. Instead, you can login using an authenticator app or with a verification code sent to your phone or email. Microsoft suggests the future is password-less, and if that’s true, I’m ready for the future.
Hackers often gain access to accounts due to weak, easy to guess passwords, unchanged default passwords on equipment and millions of other human-error related ways. If we can prevent these hacks with a one-time password that is generated when you need it and discarded when you’re done – I expect we can avoid quite a bit of hacking attempts.
What happens If you lose access to an account because you lost access to your authenticator? In this case, you would simply send the verification code to another backup verification account – such as your phone or email. You can also still set up 2-step verification. You’re still avoiding a password, and you’ll be sent two different verification codes using two different verification methods.
Hopefully more companies will adopt this vision of a password-less future. If so, I know the “forgot password” button will get a lot less clicks from me.