Goodbye Passwords, Hello Biometrics

By now you’re probably familiar with Windows Hello, Windows’ biometric authentication platform, but we thought it would be a good time to get reacquainted with device security, including those offered by VAIO. 

Windows Hello was created to limit the vulnerability of Windows by eliminating the need for passwords and other areas where an identity can be stolen. (PINs can still be used, but more on that later.) Instead, users create a facial, iris, or fingerprint scan to log into devices.  This is alternately known as Fast ID Online, or FIDO. 

 

Windows 10 users can improve the scans and add or remove additional fingerprints. After set-up, all it takes is a glance or fingertip swipe to unlock access to Microsoft accounts, core sets of application programming interfaces (API), and third-party applications that use API. A 3D structured light creates a model of the user’s face that limits spoofing and fake models or images trying to fool the system. 

Now, about those PINs. A few interesting things about security have been observed since the advent of PIN use, namely that they are very sturdy against brute force attacks, and difficult to crack because they are tied to a single device and it’s TPM, or Trusted platform chip. Only one device is affected if compromised, which allows IT departments to isolate the intrusion much like quarantining a person infected with a disease. 

Windows Hello endeavors to make security stronger and less disruptive, not only by eliminating passwords but by also making the interface with users more seamless, and thereby less likely to be circumvented by attacks. Also by ensuring login credential are unique across every device and website, and never stored on servers. 

We are very close to a password-less future where phishing and identity theft will be almost impossible to achieve.