Passwords suck. They can be challenging to remember, meaning people often reuse them across multiple devices and accounts. If one account gets hacked, then attackers could potentially gain access to all your other accounts.
Features like two-factor authentication (2FA) exist to help mitigate the issue, not to mention the wealth of password manager apps that make your logins more secure, but people aren’t using them.
So, Microsoft is planning to kill the password entirely, at least on Windows 10.
Users will soon be able to sign in to Microsoft Accounts on Windows 10 devices without a password. Instead, PCs will use Windows Hello face authentication, fingerprints or a PIN code.
The change will be opt-in, and if users decide to turn it on, the password option will vanish from the login screen.
For those wondering how a short, four-digit PIN could be more secure than a password, Microsoft says it’s because of how Windows stores the associated private keys. Devices have a Trusted Platform Module (TPM), a secure chip that keeps a PIN local to your device, unlike a password, which is sent over the internet and held on a server. If a server is compromised and a password is stolen, an attacker could access your device or account. But such an attack wouldn’t work with a Windows Hello PIN, because the PIN stays on the device.
The passwordless feature will come to businesses as well through Azure Active Directory, which could help lock down business devices and protect valuable data by removing the password.
Microsoft is testing the feature in Windows 10 Insider Preview Build 18936.
You can learn more about going passwordless in this Microsoft blog post.