Microsoft thinks so. Passwords are one vulnerable point in a system’s armor. We’re all guilty of it: we reuse passwords, even complex ones, across systems. When one system is compromised, every other system that uses the same or a similar password is open to attack.
Imagine a user has reused a password across more than 100 systems, from social media to online shopping to work email. Most users are not monitoring for hacks that affect them. When their password is compromised, they do not change it across the board, which leaves every system that shares that password open to attack.
In an ideal environment, each user would generate a long, complex password for each system and enable 2-factor authentication. How many users do you think have gone that far?
Since each user sets up their own password, the chances are slim that their passwords are complex and unique. For many years, there has been a movement to find better ways of authenticating a user than the traditional unique username and password combination. Some of those solutions involve biometrics, such as face or fingerprint recognition.
With a larger part of the workforce now working remotely, Microsoft asks that we rethink security in terms of Zero Trust. In an environment of Zero Trust, we make no assumptions about who you are and what you are trying to do. Your system must verify each user explicitly, provide the least-privileged access needed, and assume the system has already been breached.
Coming April 2021, Microsoft will roll out advancements to Azure that allow administrators to control authentication from the cloud using a combination of temporary credentials, PIN, and fingerprint, leveraging the power of its Authenticator app.