As explained in a Microsoft blog post on Tuesday, customers must have either the Android or iOS version of the Microsoft Authenticator app on their smartphones, then enter their usernames as usual. Then, instead of keying in a password, they’ll receive notifications on their phones. Tapping the “Approve” notification unlocks the phone.

The goal is to “shift the security burden” from a user’s often-overtaxed memory to his or her device, wrote Alex Simons, director of program management in Microsoft’s Identity Division.

Simons continued:

This process is easier than standard two-step verification and significantly more secure than only a password, which can be forgotten, phished, or compromised. Using your phone to sign in with PIN or fingerprint is a seamless way to incorporate two account “proofs” in a way that feels natural and familiar.

Given people’s dependence on their phones, this move makes sense for Microsoft as does the notion of giving users of Apple (AAPL) and Android devices a reason to download a Microsoft (MSFT) app.

Get Data Sheet, Fortune’s technology newsletter.

In an update to the post, Simons confirmed that there is no analogous feature for Windows Phones. While there is a Windows Phone version of Microsoft Authenticator—as those phones have a tiny slice of the market share—iOS and Android versions were the top priority.

If and when Windows Phone “becomes a big success” that may change, he noted.