Microsoft is planning to make Windows 10 PCs work without passwords. While the company has been working on removing passwords from Windows 10 and its Microsoft Accounts for a number of months now, the next major update to Windows 10 next year will go one step further.
You will soon be able to enable a passwordless sign-in for Microsoft accounts on a Windows 10 device. This means PCs will use Windows Hello face authentication, fingerprints, or a PIN code. The password option will simply disappear from the login screen, if you decide to opt in to this new “make your device passwordless” feature.
So why does Microsoft want people to stop using passwords to log into Windows 10 PCs? It is really simple: passwords suck. People love to reuse them across every website and on their personal devices, and although we have a number of two-factor authentication methods available, it is still difficult to convince people to use them.
Microsoft argues that a PIN code is far more secure than a password, even if it seems more simple to use a four-digit code. This is thanks to unknown variables and the fact that the code is stored on a device and not shared online.
Windows 10 stores your private key on a device with a Trusted Platform Module (TPM), which is a secure chip that keeps a PIN local to your device only. Servers can be compromised and passwords stolen, but a Windows Hello PIN would not be affected.
Microsoft has been slowly trying to convince Windows 10 users to opt into two-factor authentication processes like basic SMS, a separate Microsoft Authenticator app, Windows Hello, or even physical security keys with the FIDO2 standard.
With the latest Windows 10 May 2019 Update, you can even set up and sign into a Windows 10 PC with just a phone number on a Microsoft Account.
Microsoft is now planning to allow people to remove the password option entirely from the Windows 10 login screen. This will also extend to business users through Azure Active Directory, allowing businesses to go fully passwordless with security keys, the authenticator app, or Windows Hello.
It is all another step toward a future where hopefully we do not have to worry about remembering complex passwords, having a password manager, or avoiding reusing passwords.
If Microsoft, Apple, and Google have their way then we will be using our eyes, fingers, or physical keys that we posses to get into our accounts and devices instead of passwords.