使用手机而不是密码登录Sign in with your phone, not your password

在你输入密码后,Microsoft Authenticator 应用不仅可以通过执行双重验证来帮助保护帐户的安全,而且现在它还能完全取代 Microsoft 帐户密码。The Microsoft Authenticator app not only helps you keep your accounts secure by performing two-step verification after you enter your password, but now it can replace the password for your Microsoft account entirely.

此功能可在 iOS 设备和运行 Android 6.0 或更高版本的 Android 设备上使用。This feature is available on iOS and Android devices running Android 6.0 or above.

工作原理How it works

在登录 Microsoft 帐户时,许多人会将 Microsoft 验证器应用用于双重验证。Many of you use the Microsoft Authenticator app for two-step verification when you sign in to your Microsoft account. 键入密码,并转到该应用以批准通知或获取验证码。You type your password and then go to the app to either approve a notification or to get a verification code. 使用手机登录时,会跳过密码,并在手机上完成所有身份验证。With phone sign-in, you skip the password and do all your identity verification on your phone. 由于手机登录是一种双重验证,因此仍需提供你知道和拥有的事物来验证自己的身份。Because phone sign-in is a type of two-step verification, you still need to verify your identity by providing a thing you know and a thing you have. 手机是你拥有的事物,手机的 PIN 或生物识别密钥则是你知道的事物。The phone is still the thing you have, but your phone's PIN or biometric key is now the thing you know.

为工作或学校帐户启用手机登录Turn on phone sign-in for your work or school account

如果你的组织已启用了新体验,你将能够通过 Microsoft Authenticator 启用并使用手机登录。If your organization has turned on this new experience, you’ll be able to turn on and use phone sign-in from the Microsoft Authenticator app.

为帐户启用手机登录To turn on phone sign-in for your account

  • 如果手机上有此图标 表明你已进行了设置的图标If you have this icon icon showing you're set up on your phone. 这表示已设置手机登录。You’ve already set up phone sign-in. 系统可能要求你升级帐户以添加推送通知,以便在从应用外部发送身份验证请求时,可以收到通知。You might be asked to upgrade your account to add push notifications, so you can be notified about authentication requests outside of the app.

  • 如果已使用 Microsoft Authenticator 应用进行双重验证。If you already use the Microsoft Authenticator app for two-step verification. 请转到应用的“帐户”屏幕,选择工作或学校帐户旁边的下拉箭头,然后选择“启用手机登录”。 Go to the Accounts screen of the app, select the drop-down arrow for your work or school account, and then select Enable phone sign-in.

  • 如果为个人帐户使用了 Microsoft Authenticator 应用,但没有为工作或学校帐户使用该应用。If you use the Microsoft Authenticator app for your personal account, but not for your work or school account. 请遵照组织的双重验证说明,然后启用手机登录。Follow your organization’s two-step verification instructions, and then turn on phone sign-in. 有关详细信息,请参阅 Microsoft Authenticator 应用入门For more information, see Get started with the Microsoft Authenticator app.

使用手机登录方法登录到工作或学校帐户To use phone sign-in to sign in to your work or school account

  1. 像平时一样登录到工作或学校帐户。Sign in to your work or school account, as normal.

    键入用户名后,会看到一个页面,其中包含一个两位数的数字,并要求通过 Microsoft Authenticator 应用批准登录。After typing your username, you'll see a page with a two-digit number, asking you to approve the sign-in through the Microsoft Authenticator app. 如果不想要使用此登录方法,可以选择“改用密码”,并使用密码登录。 If you don’t want to use this sign in method, you can select Use your password instead, and sign in using your password.

    “批准登录”框

  2. Microsoft 身份验证应用程序中会显示一条通知,要求你批准登录In the Microsoft Authentication app, you'll get a notification asking you to Approve sign-in. 如果你认可这次登录,请选择“批准”。 Choose Approve if you recognize the sign-in attempt. 否则请选择“拒绝” 。Otherwise, choose Deny.

  3. 点击“批准登录”屏幕上显示的同一数字。 Tap the same number you see on the Approve sign-in screen. 使用手机的 PIN 或生物识别密钥完成身份验证。Use your phone’s PIN or your biometric key to complete the authentication.

    带有待选择的数字的“批准登录”框

为个人帐户启用手机登录Turn on phone sign-in for your personal account

可为个人 Microsoft 帐户(例如,用来登录 Outlook.com、Xbox、或 Skype 的帐户)启用手机登录。You can turn on phone sign-in for your personal Microsoft account, such as the account you use to sign in to Outlook.com, Xbox, or Skype.

为个人帐户启用手机登录To turn on phone sign-in for your personal account

  • 如果未使用 Microsoft Authenticator 应用。If you don’t use the Microsoft Authenticator app. 下载并安装 Microsoft Authenticator 应用,然后从 Microsoft Authenticator 应用的“添加帐户”屏幕登录到帐户,以添加个人 Microsoft 帐户。Download and install the Microsoft Authenticator app, and then add your personal Microsoft account by signing in to the account from the Add accounts screen of the Microsoft Authenticator app. 有关详细信息,请参阅 Microsoft Authenticator 应用入门For more information, see Get started with the Microsoft Authenticator app.

    新帐户会自动启用,因此你可以立即开始使用手机登录。New accounts are automatically turned on, so you can immediately start using phone sign-in.

  • 如果已使用 Microsoft Authenticator 应用进行双重验证。If you already use the Microsoft Authenticator app for two-step verification. 请转到应用的“帐户”屏幕,选择工作或学校帐户旁边的下拉箭头,然后选择“启用手机登录”。 Go to the Accounts screen of the app, select the drop-down arrow for your work or school account, and then select Enable phone sign-in.

    备注

    为帮助保护帐户,该应用要求在设备上设置 PIN 或生物识别锁。To help protect your account, the app requires a PIN or biometric lock on your device. 如果将手机保持解锁状态,该应用会要求在启用手机登录之前设置安全锁。If you keep your phone unlocked, the app requires you to set up a security lock before turning on phone sign-in.

使用手机登录方法登录到个人帐户To use phone sign-in to sign in to your personal account

  1. 转到个人 Microsoft 帐户登录页,然后选择“改用 Microsoft Authenticator 应用”链接,而不要键入密码 。Go to your personal Microsoft account sign-in page, and then instead of typing your password, select the Use the Microsoft Authenticator app instead link.

    Microsoft 向手机发送通知。Microsoft sends a notification to your phone.

  2. 批准通知。Approve the notification.

手机登录常见问题解答Phone sign-in FAQ

问题Question 解决方案Solution
为何使用手机登录比键入密码更安全?How is signing in with my phone more secure than typing a password? 当今,大部分人都是使用用户名和密码登录到网站或应用。Today most people sign in to web sites or apps using a username and password. 遗憾的是,密码可能会丢失、被盗或被黑客猜出。Unfortunately, passwords can be lost, stolen, or guessed by hackers.

安装 Microsoft Authenticator 应用后,该应用会在手机上创建一个密钥,用于解锁受手机 PIN 或生物识别锁保护的帐户。After you set up the Microsoft Authenticator app, it creates a key on your phone to unlock your account that’s protected by your phone’s PIN or biometric lock. 登录时,可以使用此密钥来证明自己的身份。This key is then used to prove your identity while signing in.

重要说明 Important
你的数据仅用于在本地保护你的密钥。Your data is only used to protect your key locally. 这些数据永远不会发送到或者存储在云中。It’s never sent to, or stored in, the cloud.
这是否会取代双重验证?是否应将其关闭?Does this replace two-step verification? Should I turn it off? 我们正努力扩展手机登录的适用范围,但目前在 Microsoft 生态系统中仍有不支持它的情景。We're working to expand the scope of phone sign-in, but for now there are still places in the Microsoft ecosystem that don't support it. 在这些场合中,仍需要使用双重验证进行安全登录。In those places, we're still using two-step verification for secure sign-in. 因此,不应关闭帐户的双重验证。For that reason, no, you shouldn't turn off two-step verification for your account.
如果为帐户保持启用双重验证,是否必须批准两个通知?If I keep two-step verification turned on for my account, do I have to approve two notifications? 否。No. 使用手机登录到 Microsoft 帐户也算作双重验证,因此不需要再次批准。Signing in to your Microsoft account using your phone also counts as two-step verification, so there is no second approval required.
如果手机遗失或未随身携带,如何访问我的帐户?What if I lose my phone or don’t have it with me? How do I access my account? 始终可以在登录页中选择“改用密码”链接,重新改用密码登录。You can always select the Use a password instead link on the sign-in page to switch back to using your password. 但是,如果使用双重验证,则仍需要使用第二种方法来验证身份。However, if you use two-step verification you’ll still need to use a second method to verify your identity.

重要说明 Important
强烈建议确保有多个最新的验证方法与你的帐户相关联。We strongly encourage you to make sure you have more than one, up-to-date, verification method associated with your account.

如果无法管理验证方法,则必须与管理员联系。If you’re unable to manage your verification methods, you must contact your administrator.
如何停用此功能,并重新改用密码登录?How do I stop using this feature and go back to using my password? 对于个人帐户,请在登录期间选择“改用密码”链接。 For personal accounts, select the Use a password instead link during sign in. 系统会记住你最近的选择,并在下次登录时默认提供此选项。Your most recent choice is remembered and offered by default the next time you sign in. 如果想要改用手机登录,请在登录期间选择“改用应用”链接。 If you ever want to go back to using phone sign-in, select the Use an app instead link during sign in.

对于工作或学校帐户,必须删除帐户:打开 Microsoft Authenticator 应用,选择“编辑帐户”菜单,然后删除帐户。 For work or school accounts, you must remove the account by opening the Microsoft Authenticator app, selecting the Edit accounts menu, and then deleting your account.
为何不能使用多个工作或学校帐户进行手机登录?Why can’t I use more than one work or school account for phone sign-in? 一部手机只能注册到单个工作或学校帐户。A phone must be registered to a single work or school account. 如果想要为不同的工作或学校帐户启用手机登录,必须先通过“设置”页取消注册旧设备。 If you want to turn on phone sign-in for a different work or school account, you must first unregister the old device through the Settings page.
是否可以使用手机登录到电脑?Can I sign in to my PC using my phone? 我们建议使用 Windows 10 上的 Windows Hello 登录到电脑。For your PC, we recommend signing in using Windows Hello on Windows 10. Windows Hello 允许使用人脸、指纹或 PIN 登录。Windows Hello lets you use your face, fingerprint, or PIN to sign in.
是否可以在 Windows Phone 上使用手机登录?Can I use phone sign-in with my Windows Phone? 否。No. Windows Phone 上的 Microsoft Authenticator 应用不支持此功能。This feature isn’t supported by the Microsoft Authenticator app on Windows Phone.

后续步骤Next steps