How to remove your password for Microsoft online services like Outlook.com and Xbox Live
Brett Pearce / CNET
Now that Microsoft lets you ditch your passwords for Outlook.com, Xbox Live, and other online accounts, you might want to consider taking the plunge. Emptying your credentials can improve security and convenience.
Letting go of your password can improve security, if only because it means you don’t have to rely on your memory to access your accounts. We all have too many passwords to remember and that means we often end up recycling them across multiple sites. You know what this means: a data breach can lead to the opening of more than one of your accounts. (You can use a password manager to minimize the drudgery, but they can be difficult to use.)
Signing in without a password also means that if a website is breached, there is no password for a hacker to steal. Logins without a password can thwart phishing attacks, which also use fake websites to try to steal login credentials.
Microsoft’s post-password push comes in the midst of a major modernization attempt. The company will deploy new surface products Wednesday. Microsoft will release Windows 11 and Office 2021 next month.
A constellation of improvements makes password-less login possible: biometrics, such as fingerprinting and facial identification; increasing use of authentication applications by Microsoft, Google, Okta and others; and a basic activation standard called FIDO, Fast Identity Online, which is supported by all browsers and operating systems. One of the capabilities of FIDO is to enable the most secure connection lock option, hardware security keys.
Microsoft is one of the biggest supporters of login reform, which is why 200 million of us have enabled passwordless login so far. Now he pushes us to go to the next step by removing the password, too much. It might sound extreme, but there’s a good chance you’ll see more password-less options as technology spreads.
“Collectively, the lessons from these early adopters will help establish best practices for other companies looking to follow suit,†said Andrew Shikiar, executive director of the FIDO Alliance. “Virtually all of the major banks and service providers I have spoken with have absolutely FIDO on their roadmap and are working on the technical and user experience considerations necessary to successfully protect their customers as well. “
Here’s how to remove your Microsoft password:
Install and configure Microsoft Authenticator on your phone. The app works on smartphones and iPhones running Android. Once installed, launch it and link it to your Microsoft online account:
Microsoft Authenticator download link
Screenshot by Stephen Shankland / CNET
Open your Microsoft account settings page in a browser (https://account.microsoft.com/) and log in too. Open the “Security” section:
Screenshot by Stephen Shankland / CNET
Open the “Advanced security options” section:
Screenshot by Stephen Shankland / CNET
Scroll down to the “Additional security” section and select “Activate” for “Account without password”. You can also dig into the “Learn more if that’s right for you” section if you’re concerned about the repercussions.
Screenshot by Stephen Shankland / CNET
You will receive a prompt to set up passwordless access, then a request for approval in the Microsoft Authenticator app on your phone:
Screenshots of Stephen Shankland / CNET
And that’s all. Your password has disappeared:
Screenshot by Stephen Shankland / CNET
If you want to recover it, you can reactivate it through the same “Advanced Security Options†process:
Screenshot by Stephen Shankland / CNET
_story.jpg)
