Passwordless Authentication

identity

Authentication methods that verify identity without requiring traditional passwords.

What is Passwordless Authentication?

Passwordless authentication eliminates the security risks associated with passwords—phishing, credential stuffing, password reuse, and weak passwords. Instead, it relies on possession of a trusted device, biometric verification, or cryptographic keys. Microsoft reports that passwordless methods reduce account compromise risk by 99.9% compared to password-only authentication.

In Microsoft 365

Microsoft 365 supports passwordless authentication through Windows Hello for Business, FIDO2 security keys, Microsoft Authenticator phone sign-in, and certificate-based authentication. Users can register for passwordless methods at aka.ms/mysecurityinfo.

Examples

  • 1Tapping a FIDO2 security key
  • 2Windows Hello facial recognition
  • 3Microsoft Authenticator number matching
  • 4Passkey on smartphone

Related TrueConfig Controls

These controls help implement and verify passwordless authentication in your Microsoft 365 environment.

ID-04Require Phishing-Resistant MFA for All UsersPA-05Require Phishing-Resistant MFA for AdminsPA-06Require FIDO2 Security Keys for Administrators

Frequently Asked Questions

What is Passwordless Authentication?
Authentication methods that verify identity without requiring traditional passwords.
How does Passwordless Authentication work in Microsoft 365?
Microsoft 365 supports passwordless authentication through Windows Hello for Business, FIDO2 security keys, Microsoft Authenticator phone sign-in, and certificate-based authentication. Users can register for passwordless methods at aka.ms/mysecurityinfo.
What are examples of Passwordless Authentication?
Examples of Passwordless Authentication include: Tapping a FIDO2 security key, Windows Hello facial recognition, Microsoft Authenticator number matching, Passkey on smartphone.
Which TrueConfig controls relate to Passwordless Authentication?
TrueConfig controls related to Passwordless Authentication include: ID-04, PA-05, PA-06. These controls help implement and verify passwordless authentication in your environment.

Related Terms

FIDO2

An open authentication standard that enables passwordless authentication using public key cryptography.

Windows Hello for Business

Microsoft enterprise credential that replaces passwords with strong two-factor authentication using biometrics or PIN.

Passkey

A FIDO2 credential that can be synced across devices, enabling passwordless authentication without hardware tokens.

← Back to GlossaryBrowse Controls →