Microsoft is inching closer to its dream of achieving a passwordless future, by announcing single sign-on (SSO) and alternative login options for Azure Virtual Desktop, its cloud-based virtualization solution.
In the most highly requested change in the product's history, Azure users can now use Windows Hello, the company's biometric verification software, and security devices like FIDO2 keys to log into their servers.
But Microsoft's feud against passwords isn't anything new. The company has long claimed that passwords are a “hassle to use” and a cybersecurity threat for businesses and users, and aimed to ditch the verification method altogether in 2021. Here's how Azure users can enact the feature — and those still using passwords can stay safe online.
Microsoft Announces Passwordless Sign-in for Azure Virtual Desktop
Microsoft has been moving towards biometrics as a verification method for years, and in a big step for the company, it's recently announced single-sign-on and passwordless authentication support for Azure Virtual Desktop. According to a Microsoft blog post released yesterday, organizations and users using the desktop can now:
- Use passwordless authentication to sign on to the host using Azure AD
- Use passwordless authentication while they're inside the session and when using the Windows client
- Use third-party Identity Providers (IdP) integrations to sign in to the host
- Enable a single sign-on experience when using Windows and the web clients
“Today we're announcing the public preview for enabling an Azure AD-based single sign-on experience and support for passwordless authentication, using Windows Hello and security devices (like FIDO2 keys)” – Microsoft blog post
Currently, these features are still in public preview. But the new sign-in method is available to Windows 10, Windows 11, and Windows Server 2022 users as long as they've installed the September Cumulative Update Preview.
To learn more about how to configure the single-sign-in option, you can follow these instructions.
Creating and remembering long and complex passwords is an outdated and unpopular way to verify identity, so this change is likely to transform the login experience for countless Azure users. But it's not the first action Microsoft has taken to streamline its sign-on practices.
Microsoft's Tirade Against Passwords
Microsoft isn't a fan of passwords, but this is no secret. In a blog post released in 2020, the company called out the authentication method for being a “hassle to use”, presenting “security risks for users and organizations of all sizes” and being responsible for 80% of cyberattacks worldwide.
“Passwords are a hassle to use, and they present security risks for users and organizations of all sizes.” – Microsoft
As a result, in recent years the software company has strengthened its commitment to eradicating the sign-in tool altogether. Most notably, in 2021 Microsoft announced it would let users veto passwords altogether in favor of alternative solutions like Microsoft's Authenticator app, Windows Hello, security keys, and SMS and email verification codes.
And Microsoft isn't alone. Software rival Apple also decided to replace passwords across many of its devices with passwordless logins last September. Safari and iOS users are now relying on Passkey, Apple's in-house security solution that relies on facial and fingerprint biometric authentication.
How Can Password Users Stay Safe Online?
Passwordless logins are slowly but surely becoming standard practice. But with the vast majority of us still relying on passwords in our personal or professional lives, it's still important to prioritize password security.
We know passwords can be a pain to remember, but using simple, predictable passwords like ‘123456' and ‘qwerty' is a fast track to compromising your online security. In fact, research suggests these passwords can typically be hacked in less than a second. Instead, we advise using passwords that are 12 characters or longer, contain a combination of uppercase and lowercase letters, numbers, and symbols, and don't correspond to dictionary words or names of people, products, or characters.
You don't need an encyclopedic memory to protect yourself online, however. By using password managers, users are able to create strong and unique passwords, store them in one place, and remember them across platforms. We recommend using LastPass because of its low price tag and useful app, but here's our summary of other top password managers.