Windows 10 has been available for over a week now and tens of millions of PCs around the world have already upgraded to the latest flagship operating system from Microsoft. Windows 10 represents an evolution of the concept of what a desktop OS should be or the role it plays in an increasingly mobile and cloud-connected world. It also includes a variety of new and improved security features that enable you to use your computer and surf the web with confidence.
Bill Gates predicted the demise of the password as a primary method of authentication at the RSA Security Conference in 2004. It’s more than a decade later and most of the world still relies on the simple username and password for granting access to PCs and sensitive applications and data. It’s also true that cyber criminals have gotten much better at compromising credentials and exploiting weak passwords. We’ve had ample evidence in recent years to demonstrate just why passwords should die and why two-factor authentication or alternative forms of authentication make more sense.
Windows 10 provides an opportunity for stronger authentication thanks to Microsoft Passport. Microsoft Passport integrates with a Microsoft Account, Active Directory (AD) account, Microsoft Azure Active Directory account, or non-Microsoft services that support FIDO (Fast ID Online) authentication. Users go through the process of enrolling in Microsoft Passport once and can then access the PC and all of their applications or services after authenticating with Microsoft Passport using a PIN, or Windows Hello.
Microsoft Passport relies on gestures and/or biometric methods for authentication rather than passwords. With no passwords to compromise the risk from phishing scams or brute force attacks is minimized. The potential for server breaches is also reduced because Microsoft Passport credentials use keys generated within secure environment of TPMs (Trusted Platform Modules).
Windows Hello takes the concept of Microsoft Passport to another level. Microsoft’s current Windows 10 TV campaign shows babies around the world and paints a picture of the technology they’ll grow up with—starting with the ability to log in with nothing but your smile. Windows Hello actually includes fingerprint scanning, iris scanning, and facial recognition, but it’s the facial recognition that has garnered the most attention. A Windows 10 PC with equipped with the right camera technology will simply recognize you and authenticate you as soon as you sit down at the computer.
The tricky part is finding a PC equipped with the right camera technology. The Windows Hello facial recognition is more advanced than simply matching an image of your face. Simple facial recognition can be circumvented using nothing more than a decent photo of the individual’s face on your smartphone. Windows Hello facial recognition requires an Intel RealSense 3D camera. The technology behind Intel RealSense 3D senses depth and identifies uniquely personal characteristics that go beyond the surface image—it’s a more comprehensive imaging capability similar to the way Microsoft’s Kinect is able to recognize Xbox users.
Passwords are a pain. It’s a challenge to think up complex passwords and then keep track of them all and it seems that no matter how strong your passwords are the bad guys still find ways to compromise them. It’s taken much longer than Bill Gates dreamed in 2004, but it really is time for the password to die and security technologies like Microsoft Passport and Windows Hello make Windows 10 the operating system that may finally end your dependence on this antiquated form of authentication.
