3. 20%
of support calls for enterprises are
about forgotten passwords
540K
forgotten
passwords
For Microsoft account, on a yearly basis
$5M+
spent on forgotten
passwords
John Doe
lllllll
11. Apps
Web app
Device sign in
App that works
crossplatform
Device + Biometric
Biometric on device
+
Windows 10 or other OS
Microsoft Edge or other browser
Any device
Azure Active
Directory
Microsoft
account
20. Phone sign-in using Microsoft Authenticator
Password-less authentication
Public / Private key exchange
Works cross-platform and on all browsers
Microsoft Authenticator
rcalafato@live.com
21.
22. Passwordless sign in only works with Microsoft
Account and Azure AD
Not all phones have a secure enclave
What if you lose your phone?
Limitations of Authenticator
29. Path to Passwordless
1. Develop password-
replacement offerings
2. Reduce user-visible
password surface area
3. Transition into
password-less deployment
4. Eliminate passwords
from identity directory
Windows Hello for Business
Authenticator App
FIDO
Windows 10S is passwordless
36. What’s Coming?
1. Develop password-
replacement offerings
2. Reduce user-visible
password surface area
3. Transition into
password-less deployment
4. Eliminate passwords
from identity directory
Windows Hello for Business
Authenticator App
FIDO2 Security keys
Windows 10S is passwordless
Windows is passwordless
MSA and AAD doesn’t need a
password
Users can create passwordless MSAs
Users can turn off passwords for their existing MSAs
IT admins can turn off passwords