Maintaining strong security through complex passwords can be difficult when staff need to manually type those passwords in multiple times a day to access their applications.  Most people tend to lean towards a password that is easy to remember.  That easy-to-remember password with maybe a number at the end is not all that complex and is easy to crack. If your password is something you need to write down on a note that you keep within reach, then that also is a vulnerability.

Most organizations keep increasing their password requirements while staff try to keep up with new complex passwords every few months.  This can result in lost user productivity as they fight with their computers to get signed in.  That will also result in many more calls to the IT department asking them to reset their complex password they cannot remember.

Microsoft has seen how difficult it can be to implement strong security through complex passwords and has come up with some new Windows 10 and Azure solutions to help you go password-less.  This will increase security using stronger methods than a complex password while still making it seamless for end users.

Windows Hello

The first option built into Windows 10 is Windows Hello that allows staff to use three different biometrics as their password to authenticate.  The first biometric available is a facial scan that uses an intelligent system that isn’t easy to beat.  Older technology used to be fooled by a printed face mask, but the Microsoft Hello algorithm uses 3D Light Technology to see through the disguise.  The next biometric is a fingerprint reader built into your device which you use to register your identity with. The last biometric included is an iris scan that will register your identity.

If staff are still having difficultly signing in, there is still a backup available within Windows Hello that allows you to set a PIN.  I know what your thinking: how can a simple PIN code be secure compared to the complex passwords staff were using before?  Well, the great thing about the PINs within Windows Hello is that it is tied to the device itself and cannot be used remotely like a password.  The organization can set a PIN complexity policy that enforces a stronger PIN than your typical 4 digit code.

To find a list of Windows Hello supported devices, check out the link below from Microsoft:

https://www.microsoft.com/en-ca/windows/view-all-devices?type=WindowsHello

Microsoft Authenticator

The Microsoft Authenticator mobile app has been around for some time and has allowed organizations a method of multiple factor authentication.  After a user would input a username and password, he or she would be redirected to a message prompting them to confirm the sign in on their mobile device.  This improved security integrity, as instead of just your username and password, you also need to have the registered mobile device in your possession.  However, a complex password was still recommended to be used in these conditions which are always difficult to remember and generate.

The latest update to Microsoft Authenticator and Azure Active Directory allows you to go truly password-less.  During the login process, after you enter your username, you are no longer required to also enter your password.  Once you have finished typing your username, you will be redirected to a page that will present a number.  On your mobile device, the Microsoft Authenticator app will show you a series of different numbers, and you need to pick the correct one that matches the number on your other device that you’re logging into.

This new process requires that you register your mobile device to Azure to ensure your mobile device adheres to basic security requirements.  You can only register one device to one login at a time to reduce the possibility of remote intrusion.

Ready to Get Started?

If you’re ready to get started with password-less security for Microsoft and/or Azure but not sure where to begin, Imaginet certified Microsoft and Azure experts can help you get started with any of your Microsoft or Azure security initiatives. To find out more, schedule your free consultation call with Imaginet today.

 

Request Your Free Consultation

=====

Imaginet is your trusted technology partner who turns your business innovation ideas into reality. 20+ years | 1200+ satisfied customers | 2500+ successful engagements. Primary services include Web Application Development, Mobile App Development, and SharePoint consulting services, with additional specialties in Power BI & Business Intelligence, Office 365, Azure, Visual Studio, TFS, & VSTS, Skype for Business, and more. Located in the United States (Dallas, TX) and Canada (Winnipeg, MB) with services offered worldwide. Contact us today at info@imaginet.com or 1-800-989-6022.

Drew McLean

About Drew McLean

Drew McLean is a Imaginet Senior Microsoft Platform Consultant who specializes in delivery and implementation of Microsoft product solutions, including SharePoint, Exchange, Skype for Business, Microsoft Teams, Office 365, and Azure. Drew is certified in Microsoft® Certified Solutions Expert: Productivity; Microsoft® Certified Solutions Associate: Office 365; Microsoft® Certified Solutions Expert: SharePoint; Microsoft® Certified Solutions Associate: Windows Server 2012 and Cisco CCENT with highly notable proficiencies working with software, hardware, databases, and various operating systems.