Cybersecurity has been a growing concern over the past few years. After the WannaCry ransomware attack earlier this year, companies have been busy upgrading their security measures in an effort to combat this rising threat.
The problem for the general public - most of which does not understand the risk that lax security poses to their personal information - appears to be equally dire. A recent report revealed that people are still using passwords such as "123456" and "Password" to protect their data. In the current situation, Microsoft states that it is time to kill the password.
In a detailed blog post, the company has outlined that passwords should no longer be the first line of defense against cyber threats, and that weak passwords and identity theft have been the primary source of data loss over the past year. Microsoft also noted how it's tedious to select a password complicated enough, such that it has an appropriate number of special characters, numbers, and capital alphabets.
As such, the Redmond giant is now focused on "making you the password". Bret Arsenault, Microsoft’s corporate vice president and chief information security officer, says that:
For several decades, the industry has focused on securing devices. That model needs a makeover. Securing devices is important, but it’s not enough. We should also be focused on securing individuals. We can enhance your experience and security by letting you become the password.
One such effort to reduce reliance on passwords is Microsoft's own Windows Hello biometric authentication system, introduced in Windows 10. Another example is the company's Authenticator app, which added another layer of security with support for fingerprint scanners. The firm also noted how it's one of the directors of the FIDO (Fast IDentity Online) Alliance, a consortium that develops standards for simpler, yet stronger, security.
Microsoft detailed how it's working with FIDO to further promote password-free solutions not only for the enterprise but also for the general public. The firm stated that most of its own employees rely on Windows Hello for Business to log into their PCs instead of passwords.
Rob Lefferts, director of program management for Windows Enterprise and Security, went on to say that Microsoft is committed to building a "password-free world", stating that:
It will take time for all the parties, all the important websites and all the important line-of-business applications to adopt this technology, and it will take even more time for users, customers and organizations to make the cultural shift required so that people can really live in this new world. But we have the blueprint for accelerating the move away from passwords. The key to success is making sure that the user experience is actually easier and better than what they have with passwords today.
It is important to note that that this is not the first time that Microsoft has outlined its mission to make passwords obsolete. Back in 2015, it introduced Windows Hello with Windows 10, and it also detailed that it would also be working on other measures to further improve security. It will be interesting to see if the company is successful in its endeavors in the near future, with Google and Apple working with similar goals in mind as well.