Skip to content ↓ | Skip to navigation ↓

Microsoft Users Can Now Use Phone Sign-In to Access Their Accounts

David Bisson
  • David Bisson
The State of Security - Tripwire IT Security news

Microsoft has announced a new feature that allows users to log into their accounts with their phones instead of their passwords.

The Redmond-based tech giant’s newest option, which it calls “phone sign-in,” is an effort to move users away from authenticating themselves via upper- and lowercase letters, numbers, symbols. Instead of remembering a password that blends these elements together, users can now install Microsoft Authenticator onto their device and configure the app to display an approval request when they next attempt to log into their accounts. From there, they need to approve the request to gain access.

Here’s how users can set it up:

  • Install the Microsoft Authenticator app and add a personal account to it.
  • Select the dropdown menu for that account and choose “Enable phone sign-in.”
Source: Microsoft

As of this writing, phone sign-in is available for only Android and iOS users. Individuals who own a Windows Phone can install Microsoft Authenticator to their devices. But the company is committed to making the new feature available on the two biggest mobile platforms first. If and when the option succeeds, it will roll it out to Windows Phone.

Alex Simons, Partner Director of Program Management at the Microsoft Identity Division, feels users will take to phone sign-in because of its security and ease-of-use. As he explains in a blog post:

“This process is easier than standard two-step verification and significantly more secure than only a password, which can be forgotten, phished, or compromised. Using your phone to sign in with PIN or fingerprint is a seamless way to incorporate two account ‘proofs’ in a way that feels natural and familiar.”

If someone who enables the feature isn’t impressed, they can switch back to the old way of authenticating themselves. Those users should follow these tips to make sure each of their passwords is strong and complex. They should also consider implementing two-step verification (2SV) on all their accounts that offer the option. Here’s a guide on how to enable 2SV for Microsoft.