Windows 10 gains FIDO certification for biometric logins
Microsoft’s war against passwords reaches a significant milestone as users are urged to use Windows Hello
The FIDO Alliance has granted Microsoft official certification for its Windows 10 authenticator Windows Hello from the forthcoming May 2019 upgrade.
Using facial recognition, fingerprint scanning, and a secure PIN number on Windows 10 from next month will be deemed 'FIDO2 Certified' for more than 800 million Windows 10 devices from next month. This means some significant weight will be added to Microsoft's long-term move away from conventional passwords.
The 'FIDO2 Certified' applies to systems that meet the alliance's standards for secure logins to websites and apps via biometrics, mobile devices, or FIDO security keys. These are also backed by strong cryptographic security.
And beyond just being used to sign into a Windows 10 user account, Windows Hello is compatible with an array of Microsoft services as well as web browsers, from Office 365 to OneDrive and even Mozilla's Firefox.
"Our work with FIDO Alliance, W3C and contributions to FIDO2 standards have been a critical piece of Microsoft's commitment to a world without passwords," said principal group program manager with Microsoft Yogesh Mehta.
"No one likes passwords (except hackers). People don't like passwords because we have to remember them. As a result, we often create passwords that are easy to guess - which makes them the first target for hackers trying to access your computer or network at work.
"Windows Hello was built to align with FIDO2 standards so it works with Microsoft cloud services and within heterogeneous environments."
Microsoft has also encouraged other companies and software developers to phase out passwords in the future by investing in alternatives.
The company has long been a detractor of password security, previously suggesting on numerous occasions that they pale against alternative authentication methods such as biometrics or two-factor authentication (2FA).
Just last month the company announced it would phase out 'expiring passwords' in the next Windows 10 upgrade. The firm suggested this dated security practice increases the likelihood of passwords being stolen because users are more likely to write them down.
The ultimate law enforcement agency guide to going mobile
Best practices for implementing a mobile device programFree download
The business value of Red Hat OpenShift
Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShiftFree download
Managing security and risk across the IT supply chain: A practical approach
Best practices for IT supply chain securityFree download
Digital remote monitoring and dispatch services’ impact on edge computing and data centres
Seven trends redefining remote monitoring and field service dispatch service requirementsFree download