Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon

Microsoft introduces passwordless feature in its Windows 10 devices, replaces it with Windows Hello face authentication, fingerprints, or a PIN

Save for later
  • 3 min read
  • 12 Jul 2019

article-image
For most of us, it is difficult to remember passwords across multiple devices and accounts. Also, if one account gets hacked, then attackers can manage to gain access to all the other accounts. Even though features like two-factor authentication (2FA) exist but not many use them. To make things simpler for its customers, Microsoft has introduced a "Make your device passwordless” feature in its Windows 10 devices.

Just two days ago, the team at Microsoft announced Windows 10 Insider Preview Build 18936 in the Fast ring. The test build comes with a new sign-in option, "Make your device passwordless" in Settings. This means PCs can use Windows Hello face authentication, fingerprints, or a PIN code. The password option will no longer be there on the login screen if users opt-in for “Make your device passwordless” feature.

https://twitter.com/msftsecurity/status/1064926596778401792

According to Microsoft, a PIN code is far more secure than a password, even though it appears to be very simple to use a four-digit code. The advantage is that it uses unknown variables and also the code is stored on a device and not shared online. Windows 10 stores the private key on a device with a Trusted Platform Module (TPM), which is also a secure chip that keeps a PIN local to the device only. 

In case of a server being compromised or a password being stolen, an attacker can access the user’s device or account. But such an attack wouldn’t be effective with a Windows Hello PIN because the passwordless feature will still work through Azure Active Directory. It will further lock down business devices and protect valuable data by removing the password.

This feature is currently available only for a set of Fast Ring Insiders and will be made available for others later this week. Users need a FIDO2-compatible security key for trying out these new capabilities. Microsoft has made public preview of FIDO2 security keys support in Azure Active Directory, available.

It seems the company has been trying to convince Windows 10 users to opt into two-factor authentication processes such as basic SMS, Windows Hello, a separate Microsoft Authenticator app, or even physical security keys with the FIDO2 standard. 

Microsoft Defender ATP detects Astaroth Trojan, a fileless, info-stealing backdoor

Microsoft will not support Windows registry backup by default, to reduce disk footprint size from Windows 10 onwards

Microsoft is seeking membership to Linux-distros mailing list for early access to security vulnerabilities