Recently Microsoft declared that it will enable to access their Microsoft accounts sans passwords and usernames.
The tech giant has formerly described passwords as “expensive, inconvenient, and insecure.” Now instead of passwords, Windows 10 users can opt for biometrics or physical security keys-based Windows Hello for verification.
Microsoft’s announcement reads, “This combination of ease of use, security and broad industry support is going to be transformational. Every month, more than 800 million people use a Microsoft account to create, connect, and share from anywhere to Outlook, Office, OneDrive, Bing, Skype and Xbox Live for work and play. And now they can all benefit from this simple user experience and greatly improved security.”
Other than the security key, there are options available to authenticate users with Windows Hello’s fingerprint, facial, or iris recognition or with the help of the Microsoft Authenticator app that is available for iOS and Android.
So, do not simply rush to forget your Windows passwords instantly. There might be a few additions to this update before you can possibly get rid of your password and start using PIN or biometrics to avail services like OneDrive, Office, Xbox Live, Skype, and Outlook.
The new verification option will operative only on the company’s Edge browser which started supporting the WebAuthn password-free login standard earlier this year. You will further need to update your system with Windows 10 version—version 1809 also termed as the October 2018 update.
Undoubtedly then there is the key itself which has to be compliant to the FIDO2 standard. The unique USB dongle with an inbuilt fingerprint sensor will cost you around $20 to $60. The top-notch companies that manufacture these keys are Feitian Technology and Yubico.
In the meantime, a security key that is dependent on the FIDO U2F (“Universal 2nd Factor”) descriptions like Google’s Titan Security Key isn’t compatible with FIDO2, so it will be non-functional here.
To secure an account, FIDO2 incorporates private/public key encryption pair designed by the security key. Along with plugging the key to a laptop or computer’s USB port, you will need to enter your PIN or scan your fingerprint.
Owning the key is not adequate to unlock an account, so in case if your key is stolen, the thief won’t be able to get very far without your fingerprint in their hands or PIN. Forestalling the requirement for passwords also tremendously boosts protection from phishing scams and the attacks that are dependent on stealing user’s usual login credentials.
Either verification method you use for your Microsoft account, you first and foremost need to access your account—undoubtedly still with your password and username and only on Edge. Once logged in, click on “Security”, then to “More security options”, on to “Windows Hello and security keys” and follow the instructions.