Serviceteam IT Security News
The software giant takes passwords one step closer to obsolescence as it now enables users to log into their Microsoft accounts with more modern forms of authentication

Microsoft has announced that it is enabling users to log into their Microsoft accounts without usernames and passwords.

Instead of passwords – which the tech behemoth has previously described as “inconvenient, insecure, and expensive” – Windows 10 users can switch to physical security keys or biometrics-based Windows Hello for authentication.

“This combination of ease of use, security and broad industry support is going to be transformational,” reads Microsoft’s announcement. “Every month, more than 800 million people use a Microsoft account to create, connect, and share from anywhere to Outlook, Office, OneDrive, Bing, Skype and Xbox Live for work and play. And now they can all benefit from this simple user experience and greatly improved security.”

Beyond the security key, there are also the options to verify users with Windows Hello’s facial, iris or fingerprint recognition, as well as with the help of the Microsoft Authenticator app for Android and iOS.

Don’t rush to forget your Windows password just yet, however. There may be a few things to do – or even buy – before you can consign your password to history and use biometrics or a PIN to access services such as Outlook, Office, Skype, OneDrive, and Xbox Live.

The new authentication option will work only on the company’s Edge browser, which began to support the WebAuthn password-free login standard earlier this year. You also need the latest Windows 10 version (version 1809, also known as the October 2018 update).

Then, of course, there’s also the key itself, which needs to be compliant with the FIDO2 standard. The special USB dongle with an embedded fingerprint sensor will set you back anywhere from around $20 to $60. Two well-known companies that manufacture such keys are Yubico and Feitian Technology.

Meanwhile, a security key that relies on the FIDO U2F (“Universal 2nd Factor”) specification – such as Google’s Titan Security Key – doesn’t conform to FIDO2, so it wouldn’t work here.

To protect an account, FIDO2 uses a public/private cryptographic key pair created by the security key. In addition to plugging the key into a computer or laptop’s USB port, you still need to scan your fingerprint or enter your PIN. Possessing the key is not enough to unlock an account, so even if your key is stolen, the thief shouldn’t get very far without your PIN or finger(print) in their hands. Obviating the need for passwords also greatly enhances protection from phishing scams and other attacks that rely on stealing users’ usual login credentials.
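
As an added illustration (not code from Microsoft or from the original article), this Node.js sketch models the checks a website makes on a FIDO2/WebAuthn sign-in: the challenge is fresh, the origin is the real site, the PIN or fingerprint step happened, and the signature matches the registered public key. The security key is simulated in software, and the names RP_ID, ORIGIN, makeAuthenticator, verifyAssertion and demo, along with the example.test and example.invalid addresses, are constructed for the example.

```javascript
const nodeCrypto = require('crypto');
const RP_ID = 'login.example.test';            // constructed relying-party ID
const ORIGIN = 'https://login.example.test';   // constructed origin of the real site
const sha256 = (b) => nodeCrypto.createHash('sha256').update(b).digest();

// Software stand-in for the security key: the private key never leaves it, and
// the UV flag is set only when the PIN/fingerprint check passed (userVerified).
function makeAuthenticator() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const sign = (challenge, origin, rpId, userVerified) => {
    // The browser, not the page, records the origin it is really talking to.
    const clientDataJSON = Buffer.from(JSON.stringify({
      type: 'webauthn.get', challenge: challenge.toString('base64url'), origin }));
    const flags = 0x01 | (userVerified ? 0x04 : 0);  // UP bit, plus UV bit
    const authData = Buffer.concat([sha256(rpId), Buffer.from([flags]), Buffer.alloc(4)]);
    const signature = nodeCrypto.sign('sha256',
      Buffer.concat([authData, sha256(clientDataJSON)]), privateKey);
    return { clientDataJSON, authData, signature };
  };
  return { publicKey, sign };  // only the public key is registered with the site
}

// Server-side check: returns 'ok' or the reason the sign-in is rejected.
function verifyAssertion(publicKey, expectedChallenge, a) {
  const client = JSON.parse(a.clientDataJSON.toString());
  if (client.type !== 'webauthn.get') return 'wrong type';
  if (client.challenge !== expectedChallenge.toString('base64url')) return 'stale challenge';
  if (client.origin !== ORIGIN) return 'wrong origin';
  if (!a.authData.subarray(0, 32).equals(sha256(RP_ID))) return 'wrong rpId';
  if ((a.authData[32] & 0x04) === 0) return 'user not verified';
  const signed = Buffer.concat([a.authData, sha256(a.clientDataJSON)]);
  return nodeCrypto.verify('sha256', signed, publicKey, a.signature) ? 'ok' : 'bad signature';
}

// Runs the situations described in the text and returns each outcome.
function demo() {
  const key = makeAuthenticator();
  const challenge = nodeCrypto.randomBytes(32);
  const good = key.sign(challenge, ORIGIN, RP_ID, true);
  const fake = 'login.example.invalid';  // constructed lookalike site
  return {
    genuine: verifyAssertion(key.publicKey, challenge, good),
    noPin: verifyAssertion(key.publicKey, challenge, key.sign(challenge, ORIGIN, RP_ID, false)),
    lookalike: verifyAssertion(key.publicKey, challenge, key.sign(challenge, 'https://' + fake, fake, true)),
    replay: verifyAssertion(key.publicKey, nodeCrypto.randomBytes(32), good),
    otherKey: verifyAssertion(makeAuthenticator().publicKey, challenge, good),
  };
}
console.log(demo());
```

Nothing reusable like a password crosses the wire: a response captured on a lookalike page or from an earlier session fails the origin or challenge check, which is where the phishing protection comes from.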

Whichever authentication method for your Microsoft account you choose, you first need to log into your account – obviously still with your username and password and only on Edge. Once in, go to “Security”, then to “More security options”, on to “Windows Hello and security keys”, and follow the instructions. A detailed help article is also available.

