Microsoft’s war on the password continues with a handy addition to the Microsoft Authenticator app for Android and iOS. Instead of using Microsoft Authenticator for two-step authentication, you can use the app to sign into your Microsoft Account without a password.
This doesn’t mean you can use Authenticator to sign-in to your Microsoft Account anywhere—it doesn’t work for logging in to Windows 10 PCs, for example. But for website sign-ins that require your Microsoft Account, such as Outlook.com, Skype.com, and OneDrive.com, it works just fine.
To try the feature out, download and install the Microsoft Authenticator app from the App Store or Google Play. Next, add your Microsoft account to the app, which will require you to sign-in. For Microsoft accounts, this authenticator does not scan QR codes.
Once you’re ready to go, try logging in to a website on your PC that requires your Microsoft Account. As usual with Microsoft Accounts, you enter your email address on the first page, and then when you get to the second page click “Use the Microsoft Authenticator app instead” at the bottom of the page.
Next, you’ll be shown a two-digit number on the webpage, and a notification on your phone. Tap the notification, and Microsoft Authenticator will show you three two-digit numbers, as well as the location of where you’re signing in.
Choose the corresponding number from the webpage, and then tap Approve. You may then need to authenticate yourself on the phone by tapping in your access PIN or scanning your fingerprint.
Once that’s done, you’ll be signed in to the website, and the next time you sign-in Microsoft says it will remember your preference for using the Authenticator app, thereby reducing the number of steps you have to take to sign-in the second time around. If you ever get tired of using Authenticator you can switch back to using a password at any time.
The impact on you at home: Overall, this process doesn’t necessarily reduce the number of steps you need to take to sign-in with your Microsoft Account. In fact, it probably takes more or at least as many as using two-step authentication. Nevertheless, I’d argue it’s still easier since you don’t have to remember a long, random password that’s especially cumbersome to type in on a phone.