// Security NEWS // Windows 10 Says Hello To The End of Passwords With FIDO2

in #news6 years ago

Microsoft has taken a new step in its quest to remove passwords. The company has now obtained official FIDO2 certification for Windows Hello, the Windows 10 biometric authentication system.

Capture d’écran 2019-05-14 à 17.52.19.png

Source

The certification applies to Windows 10 version 1903, the May 2019 update, which is expected to be released to the public in late May. This certification means that Windows Hello has been approved as a FIDO2 authenticator.

Windows Hello offers Windows 10 users the possibility to deploy their devices using fingerprint or facial recognition sensors on the PC, as well as confidential codes.

"No one likes passwords (except hackers)," says Yogesh Mehta, group manager for Microsoft's crypto, identity and authentication team in Azure Core OS.

"People don't like passwords because we have to remember them. As a result, we often create passwords that are easy to guess – which makes them the first target for hackers trying to access your computer or network at work."

Consumers can expect to see the first FIDO-certified logos on the new Windows 10 PCs, and they will be able to connect to online accounts using Windows Hello on all computers upgraded to 1903 using the FIDO2 standard.

This certification is part of an industry-wide push for passwordless sign-in. It can be brought closer to the standard WebAuthn or Web Authentication WC3 supported by Mozilla Firefox, Microsoft Edge and Google Chrome. The standard is also being implemented as a test by Apple Safari while Chrome on Android is officially certified as FIDO2.

With WebAuthn, users can register and authenticate on websites or applications using an "Authenticator" - such as Windows Hello - instead of a password. This authenticator can be a physical security key that the user has connected to a computer. It can also be a biometric identification acquired from a PC or smartphone biometric sensor. WebAuth was officially approved in March.

The FIDO2 certification implemented on Windows 10 1903 is not limited to Microsoft software. For example, Windows 10 users who prefer Mozilla Firefox will be able to connect to their Microsoft account and other sites supporting FIDO with Windows Hello. In addition, users of Microsoft Edge, based on chrome, will soon be able to do the same.

Microsoft sites that users should be able to connect to with Windows Hello - whether on Edge, Chrome or Firefox - include Outlook.com, Office 365, Skype, OneDrive, Cortana, Microsoft Edge, Xbox Live on PC, Mixer, Microsoft Store, Bing and MSN.

While major online services like Dropbox currently support WebAuthn, not everyone is convinced that Microsoft’s Windows Hello technology is the most suitable.

The UK banking group Lloyds recently announced that it does not intend to support Windows Hello for logging into online accounts.

Sources : Tech Community and The Verge

Stay Informed, Stay Safe

DQmdpsoEfLe5nRg4Q1oKWHNjLdMnAucCYfRou1yF5Yiwrzs.png

DQmNuF3L71zzxAyJB7Lk37yBqjBRo2uafTAudFDLzsoRV5L.gif