This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Why are passwords considered a weak form of authentication?
They rely on shared knowledge that can be stolen or reused
They require biometric verification
They're stored only on secure devices
They automatically verify a user’s identity
What does passwordless authentication use instead of passwords to verify identity?
Shared secrets between users and systems
Something the user has or is
Repeated password entry across services
Email-based password recovery links
Which passwordless method is best suited for users who primarily work on a single, trusted device?
Windows Hello
Authenticator app
Security keys
Credential stuffing
How do authenticator apps verify a user during sign-in?
By requiring the user to enter a stored password
By sending a verification request to a mobile device for approval
By scanning the user’s fingerprint on any device
By automatically granting access without interaction
Why are security keys considered highly resistant to phishing attacks?
They store passwords in encrypted form on servers
They require possession of a physical device and user interaction
They rely on email verification for every sign-in
They allow shared access across multiple users
You must answer all questions before checking your work.
Was this page helpful?
Need help with this topic?
Want to try using Ask Learn to clarify or guide you through this topic?