Tech giant Microsoft going passwordless will provide additional opportunities for channel partners to better secure their customers.

That’s according to Sue Bohn, vice president of program management in Microsoft’s identity and network access division. In March, Microsoft made passwordless sign-in generally available for commercial users. Now Microsoft users can completely remove the password from their account. Instead, they can use the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to their phone or email to sign in apps and services such as Microsoft Outlook, Microsoft OneDrive, Microsoft Family Safety, and more. Microsoft will roll out the feature over the coming weeks.

Bohn said passwordless puts the focus on stronger forms of authentication, rather than a password.

Microsoft’s Sue Bohn

“Partners can help customers to modernize to strong multifactor authentication (MFA) and passwordless options to better secure their clients’ environments from cybersecurity attacks,” she said. “It opens up the door to additional security measures companies can take.”

Going passwordless addresses many security issues Microsoft channel partners have been having with their customers, Bohn said.

“The majority of hacking-related attacks are due to lost or stolen credentials,” she said. “By replacing passwords with stronger methods to sign in, users are 99.9% less likely to be compromised. We believe securing identities is the foundation for a zero trust strategy, and enabling MFA should be a default first step.”

Zero trust eliminates the concept of trust from an organization’s network architecture.

Passwords ‘Weakest link’

“Passwords continue to be the weakest link of a security system,” Bohn said. “Humans just aren’t wired to remember 20 different complex passwords. And despite all the tools available to help with that, adoption of MFA has been sluggish. People want an easier, faster way that frankly reduces their stress about signing in. With passwordless in place, companies can focus on threat intelligence signals and access policies that can further secure access.”

Microsoft based its passwordless implementation on industry standard protocols which any company can use, Bohn said.

“Our goal is to empower people to do more, and we believe it is the right thing to do to help individuals better protect themselves and make it easy and painless,” she said.