This must be the most click-bait infested site I've subscribed to. And I keep falling for the titles every damn time.
First, this method was not introduced by Microsoft. I've been using it with Google for a while and if I remember correctly the first service I saw using it was Yahoo Mail.
Second, I've been using the app on Android for several months and just recently it was fixed. I first received a notification, asking me for approval, and when I clicked approve it opened the app and asked me for a code on the PC browser, of course on the app there was no code and the only code was displayed on the browser itself and (luckily) using that code didn't work. I tested last saturday and it was working so it's been recently fixed.
Thirst, this is nothing new. This is an alternative method of 2-step authentication (in contrast with the usual method of using a code generated by a code generated by a Authenticator App (like Google Authenticator or Authy). Two-Step Authentication have been around for years in case you didn't know.
Fourth, you still need the password as a failover in case you lose your phone, and you can also generate master passwords for most services that support 2-step authentication.
Finally, please, stop it with the sensationalist article titles. This website is nice, but frankly and getting tired of them.