Microsoft has introduced a new authentication method for logging into its online accounts: rather than remember and type in a complex password, use an app on your smartphone to confirm it's really you logging in and not some miscreant.
That's great news because it should thwart the vast majority of attempts by hackers to hijack people's accounts. The bad news: it doesn't work with Microsoft's Windows Phone because too few people use the operating system for Redmond to bother supporting it.
Microsoft customers, it's official: Microsoft thinks you don't deserve the latest convenient security tools because there are too few of you. (Luckily, there are still other ways to secure your online Microsoft accounts, such as using one-time codes texted to your phone.)
The software giant this week rolled out the latest version of Microsoft Authenticator for iOS and Android, which can approve or block attempts to sign into one's Microsoft online accounts. The moneybags tech goliath believes this feature will prove easier to use than conventional two-factor authentication because it will not require entering a password and code – the user can simply approve the sign-on directly from their handset.
Microsoft manager Alex Simons explained the reasoning:
Here in the identity division at Microsoft, we don’t like passwords any more than you do! So we’ve been hard at work creating a modern way to sign in that doesn’t require upper and lowercase letters, numbers, a special character, and your favorite emoji. And after a soft launch last month, we’re excited to announce the GA our newest sign-in feature: phone sign-in for Microsoft accounts!
With phone sign-in, we’re shifting the security burden from your memory to your device. Just add your account to the Android or iOS Microsoft Authenticator app, then enter your username as usual when signing in somewhere new. Instead of entering your password, you’ll get a notification on your phone. Unlock your phone, tap “Approve”, and you’re in.
Available for Android, iOS and ... that's it
When asked why Windows Phone wouldn't be included in the general availability rollout, Simons said what most mobile developers have said, but Redmond has so far not wanted to admit: Windows Phone doesn't matter.
"Windows Phone makes up less than five per cent of the active users of our Authenticator Apps, so we have prioritized getting this working with iOS and Android for now," Simons conceded.
"If or when it becomes a big success on those high-scale platforms, we will evaluate adding support for Windows Phone."
This is, of course, very true. Windows Phone is, at this point, basically a rounding error in the mobile operating system world, but it is one that Microsoft continues to pour its time and money into. Having an in-house manager admit it's not even worth coding for is a rather bad look for that effort.
One punter, commenting on Simons' announcement, wrote:
It is clear that Microsoft does not give a damn about supporting their own Windows operating system and Windows users. They clearly only care about supporting their competitors' operating system and iOS and Android users. As a Windows 10 user on my desktop, laptop, tablets and Lumina 950 phone I’m considered a non-important user since I don’t use a competitor's OS! Microsoft, how about supporting your own operating system customers first!
Meanwhile, a bloke called Scott hit the nail on the head:
Not having something available at GA on Windows phones is a big deal – it sends out the message loud and clear.
The woe continued with another annoyed customer chiming in:
Seriously? You’re taking my money for a Microsoft smartphone, just to kick my balls only one year later, simply saying: we don’t care about our own small customer base? Even if you’re not interested in Windows Phone anymore, ever heard the term “customer service”? That’s disappointing. Please reconsider this if you want me to buy your products in the future.
Hopefully the mobile Windows team won't run up the bill too high later this month when Simons has to take them out for dinner to atone. ®