Microsoft is now supporting phone sign-in which is a type of two-step authentication that does not require the user to enter their password. Users must still verify their identity by providing a thing they know (i.e. their login name) and a thing they have (i.e. their phone), but phone sign-in lets them skip entering their account password and performs all of their identity verification on their mobile device.
Before you can turn on phone sign-in, you must ensure that:
- the Microsoft Authenticator app is installed on our phone, and
- you have added your Microsoft work/school account to it, and
- you have Microsoft Authenticator app listed as one of the MFA methods in your security profile.
Phone sign-in is available only on iOS and on Android devices running Android 6.0 or above.
To turn on phone sign-in for your work/school account:
- Open the Microsoft Authenticator app and tap on your work or school account. Once you tap the account tile, you will see a full screen view of the account.
- If you see Paswordless sign-in enabled message near the top of the screen, that means you are fully set up to sign in without your password.
- If you see Enable phone sign-in, tap it to turn on phone sign-in.
After you turn on phone sign-in, use the following steps to use the Authenticator app for passwordless phone sign-in:
- Enter your username at the sign-in page.
- Selects Next.
- If necessary, selects Other ways to sign in.
- Selects Approve a request on my Microsoft Authenticator app.
- You are then presented with a number. The Authenticator app prompts you to authenticate by typing the appropriate number, instead of by entering a password.
After you have used passwordless phone sign-in once, the app then offers you this method as the default. You are always able to choose another method.