Microsoft Security Product Hub

Passwordless Authentication

Overview

Passwordless authentication simplifies the MFA process by removing the requirement for the password when signing in. Instead of the password, the authentication is performed by something you have and something you know. Something you have can be a Windows 10 device, a phone, an authenticator application or security key.

Microsoft has three passwordless authentication methods:

  • Windows Hello for Business - use biometric (such as fingerprint or face )or PIN credentials that are stored only on the single device
  • Microsoft Authenticator application - approve a sign-in by matching a code and authenticating to your phone (therefore providing something you have and the authentication to the phone)
  • FIDO2 security key - USB, bluetooth or NFC devices with a PIN or biometric unlock

Outcomes

  • Users do not type passwords in
  • Reduced chance of phishing and password theft
  • Easy to use and highly secure
All
Secure Remote Work
Zero Trust