Are you ready for a cyber attack?
Back to Resources

Using your Microsoft account without a password


Emily Keeling

Marketing Manager

Do you often have trouble with your passwords? We know it’s best to have a separate password for each account, but that means you have a lot of passwords to remember. While a password manager can help you out, an alternative option is to get rid of your password altogether. Sounds pretty insecure, right? But if you remember back to MFA, you can choose other authentication methods so your account is still safe.

You can now officially go passwordless with your Microsoft accounts, even going as far as removing your password from your account entirely. Instead, you sign in using a passwordless method like an authentication app, SMS message, physical security key etc. This way, you’re still using multiple authentication methods, but you’re choosing the safer options, such as biometrics, that can’t be hacked or stolen – unlike passwords.

In order to remove your password, you must have the Microsoft Authenticator app downloaded – or Outlook for Android. You can then sign into your Microsoft account Additional Security Options, and under Passwordless Account, turn it on. Then, simply follow the prompts and approve the request sent to your Authenticator app.

Once you’ve done that, you sign in using the alternative methods. If you can’t access your Authenticator app, you can still sign in using the other methods available.

Note, if you have Two Step Verification turned on, you will still need to have access to two authentication methods. If you lose or replace your phone, you will need to remove the verification methods on that device through your Microsoft account settings.

If you ever change your mind and want to go back to using a password, you can turn Passwordless Account off, and then follow the prompts to set up a password.

Some older versions of Windows or services will still need a password. If you use Office 2010 or earlier, Xbox 360, Office for Mac 2011 or earlier, products/services that use IMAP or POP email services, or Windows 8.1 or earlier, then continue to use a password.