An interesting revelation has emerged from the Microsoft camp. Starting with a new Windows 10 build codenamed 19H1, Microsoft wants to eliminate passwords. The move towards having password-less devices began with the insider build 18305, where it was exclusive. However, moving forward, all future builds on Windows devices will allow users to go password-less.
Of course, this is an exciting progression of technology and will go a long way in securing accounts against hacks. Let us look at exactly how this system is going to work.
How Will Windows Go Password-less?
In a nutshell, Windows plans to replace passwords with mobile phones. So, when you create a new Microsoft account, you will need to provide your phone number. After that, you will be sent a code through which you can sign-in. Once that is done, you can choose from multiple options for sign-in.
These include fingerprint, face login, and PIN. Thereafter, you will not need to go through the whole password hassle when you log in through the same device. However, you will have to use the code login process if you decide to use a new device.
What is the Benefit of This Password-Less Login Method?
Broadly speaking, there are two types of benefits from going password-less. Firstly, the users are going to have a much more convenient time logging in. Not only will logging in be easier but there will be no issues with lost passwords and needing to retrieve them.
On the other side of the process, the security aspect will gain a boost. For most sophisticated technologies, the weakest links are still user-made passwords. There are plenty of social engineering methods to identify user passwords as well. By eliminating the need for a password, accounts become far more secure.
Further, the additional user input required through biometrics or PIN adds another layer of security. So, perpetrating an account breach by simple login becomes extremely difficult. By eliminating the weak link in the tech security chain, Windows is trying to secure devices and their users from cyber threats.
How is Microsoft Planning to Implement This Technology?
It is clear that this technology is going to benefit users and Microsoft equally. But the introduction of this technology is going to determine how successful it is and who benefits from it. In that regard, Microsoft has devised a four-phase plan which will facilitate the implementation of password-less login protocol. Let’s look at each phase individually to understand what they will entail.
Offer Password-Less Options to Users
This is the first phase of the process and will involve users being offered the option of going password-less. As we said earlier, only those who have the builds which offer this option can avail the facility. The exact details of the offerings are not clear at present but most likely those who want to keep passwords can do so.
Reduce User Password Area
Once the concept of password-less has been taken up by platforms, the teams at Microsoft will go about cross-platforming. Doing this will allow Microsoft to address the life-cycle of devices without any redundancies.
Server Side Password-Less Implementation
In this phase, servers and IT companies are going to be given the impetus, infrastructure and technology go password-less. This will help further implement password-less login infrastructure and orient users to the technology. At the same time, they can also test for breach points in the tech and systematically eliminate them.
Get Rid of Passwords Entirely
The fourth and final phase of the password replacement process would involve eliminating passwords. This will be done by purging the Id directories which are used to identify accounts. Once that is done, users will be able to log in simply by using their devices and without bearing security risks.
At present, Microsoft is processing the methods through which it can introduce the password-less framework. Let’s us look at the two technologies currently being considered for use under this tech.
Which Software Is Microsoft Going to Use to Go Password-Less?
Broadly speaking, there are two software tools that are currently under consideration. These are Windows Hello and Microsoft Authenticator App. Let’s look at what each of these involves.
This is the primary feature which is going to be used by Microsoft for authentication. But it is not going to use passwords. Rather, the device will use some type of biometric or a remote authentication protocol. So, you can either have a fingerprint login or you can have facial recognition or a phone-based authentication. The user will have the choice between these three based on their device type. They can also use PIN logins for further security when on public networks.
The Microsoft Authenticator is a mobile app which will be used to authenticate any user who does not have biometrics. This will be used to identify the user every time log in. Of course, the app will have to be installed on the user’s smartphone and must be accessed for logins. The exact details for both online and offline logins will be revealed by Microsoft as the technology is deployed.
How Will FIDO2 Impact Windows Hello?
Fast Identity Online is directly connected with Windows and has been around for some time. The recent launch of FIDO2 means that Windows Hello will be using it as well. So, users can expect it to play a part in the overall authentication process.
Of course, using Windows Hello will mean that the user needs to share their security keys with Windows servers. Now, it is not necessary that everyone will be thrilled with that but there are more pros than cons for this technology.
Letting Microsoft store user login credentials minimizes the chances of hacks. Biometrics will be housed safely on localized Microsoft servers which will then be used for authentication. The same goes with a PIN or any other method like phone numbers.
The chances of Microsoft data servers being hacked should be very few. And considering the convenience password-less logins offer, this technology is definitely going to make life a lot easier for everyone.