Just using a login id and password is dangerous. For best protection we must use two factor login – password + OTP. But this is inconvenient and irritating. Now we have a new option – Password-less login – for Office 365. This is secure as well as convenient. See how easy it is and ask your IT team to enable it for you. (5 min reading time)
This requires you to download Microsoft Authenticator app on your mobile and configure it once. You must enable the Phone Sign-In option.
Once this is done, you do NOT need to type in your password at all during login. Here are the steps.
- Go to the login page Office.com and click Sign In
- Enter the login name and click Next
- Now, instead of asking for your password, it will just display a number
- At the same time, you will receive a notification on your mobile. This notification shows three numbers.
- Choose the correct number from the mobile notification and choose Approve
- If the phone was locked at the time of receiving this notification, you will have to enter unlock code or use fingerprint or face sign-in
- That’s it. Now your login is done … without entering the password.
What happens if there is no internet connection
For the Password-less login to work, the Microsoft Authenticator app requires internet connection on the mobile. If there is no internet connection, you can click on the Use your password instead option.
In this case, you can type the password as usual. You will NOT receive a notification on mobile. But the Microsoft Authenticator app will still show the code for your account. Type that code and the login will work. The codes are automatically generated every 30 seconds. This does not require an internet connection on your mobile.
Ask IT to enable Password-less login
This is an Azure AD feature. Ask your IT team to refer to this article for details. It is just a single PowerShell command as of now (Dec 2018). Soon it will be available as an option in Azure AD portal user interface as well.