Microsoft is aiming to make two-factor authentication a bit easier by allowing users to sign into their Microsoft accounts simply by using their smartphones. The new feature has been available for some time as part of a 'soft launch', as Microsoft described it, but the company has now announced that it is 'generally available' for all users to enjoy.
You'll first need to set up your account in the Microsoft Authenticator app, but after that, the next time you need to sign in somewhere new to your Microsoft account, you'll be able to do so without entering a password.
"With phone sign-in, we’re shifting the security burden from your memory to your device," Microsoft's Alex Simons explained. "Instead of entering your password, you’ll get a notification on your phone. Unlock your phone, tap “Approve”, and you’re in." He also explained how to set it up:
- If you already use the Microsoft Authenticator for your personal account, select the dropdown button on your account tile, and choose Enable phone sign-in.
- If you are adding a new account on an Android phone, we’ll automatically prompt you to set it up.
- If you are adding a new account on an iPhone, and we’ll automatically set it up for you by default.
Then just try it out! The next time you sign in, we’ll send a notification to your phone. That’s it!
A few people have asked if this works with Windows Phone version Microsoft Authenticator. Windows Phone makes up <5% of the active users of our Authenticator Apps so we have prioritized getting this working with iOS and Android for now. If/When it becomes a big success on those high scale platforms, we will evaluate adding support for Windows Phone.
He added that the password-free log-in "is easier than standard two-step verification and significantly more secure than only a password, which can be forgotten, phished, or compromised." If you lose your phone, or your battery is dead, you'll still be able to choose to sign in with a password.