Microsoft issues Windows 10 password warning for users

Microsoft has issued a security update for millions of Windows 10 users recommending that they delete their passwords.

All Microsoft account holders can now go completely password-less, the company has confirmed. Instead of having to remember a password that’s probably not as secure as you’d hope, or managing everything through a dedicated password manager app, it’s now possible to rely completely on the Microsoft Authenticator app, Windows Hello, a security key or a code emailed or texted to the user.

As well as Windows 10, it will be possible to use the new system for apps including Outlook, OneDrive, Microsoft Family Safety accounts, and Xbox Series X/S or Xbox One consoles.

Microsoft is now inviting users to remove the password from their account completely if they have the Microsoft Authenticator app installed on their phone. It is also recommending users have all of the latest updates installed.

A Microsoft spokesperson told Forbes: "If a user loses access to the Microsoft Authenticator app for whatever reason they can still recover their account if they have access to their other verification options, such as an email or phone number.

"As standard, this would simply be one code, and you are back in. However, if the user enables two-step verification on the account, which is still possible and still recommended, then they will need to provide codes sent to two different verification options."

The Microsoft spokesperson confirmed that deleting the password from a Microsoft account will provide a "more secure, simple, and fast way to authenticate" and suggests users "completely remove their passwords from Windows sign-in for added security."

To clarify, this means that Windows 10 or 11 users can take advantage of the improved security on offer without passwords, but they must be using the Microsoft account option to do so. "When you add your Microsoft Account to Windows, you just sign-in and go with access your favourite Microsoft products and services with just one login," the spokesperson says, adding "you can now go password-less using Windows Hello, where you have the option to completely remove your password from your windows sign in for added security."


Featured Articles

Global events driving rise in DDoS attacks, says Netscout

Report by Netscout found that DDoS attacks grew 31% YoY in the first half of 2023 with a staggering 44,000 each day, fuelled by world events

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Cyber Security

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security