Windows Hello FIDO2 certification gets you closer to passwordless

Published May 06 2019 09:00 AM 55.7K Views
Microsoft

With the FIDO2 certification of Windows Hello, Microsoft is putting the 800 million people who use Windows 10 one step closer to a world without passwords.

No one likes passwords (except hackers). People don’t like passwords because we have to remember them. As a result, we often create passwords that are easy to guess—which makes them the first target for hackers trying to access your computer or network at work.

Since 2015, Microsoft has been building a path to a secure and passwordless world with Windows Hello, enabling Windows 10 users everywhere to sign in to their devices using biometrics or a PIN and leave the world of passwords behind. Continuing this momentum, Microsoft announced in November of 2018 the ability to use Windows Hello or a FIDO2 security key to securely sign in to your Microsoft account on the web, without a password!

Today, the FIDO Alliance announced that, with the upcoming release of Windows 10, version 1903, Windows Hello is a FIDO2 Certified authenticator. FIDO2 enables developers to leverage standards-based protocols and devices to provide users easy authentication to online services—in both mobile and desktop environments. Microsoft is a leading member of the FIDO Alliance and is working closely with alliance members to enable passwordless login for websites supporting FIDO2 authentication. Collectively, these standards enable users to more easily and securely login to online services with FIDO2-compliant security keys and Windows Hello.

Every month, more than 800 million people use a Microsoft account to access email, play a game, or access files in the cloud. That’s why, in addition to FIDO2 certification, Windows 10, version 1903 will enable users of the latest version of Mozilla Firefox to log in to their Microsoft account or other FIDO-supporting websites. Chromium-based browsers, including Microsoft Edge on Chromium, will support the same capability soon.

We encourage companies and software developers to adopt a strategy for achieving a passwordless future and start today by supporting password alternatives—such as Windows Hello—for their users. For more details on deploying Windows Hello, see www.aka.ms/whfb.

To support secure authentication on shared Windows 10 PCs, such as those used by Firstline Workers, FIDO2 compliant Microsoft-compatible security keys offer a portable solution that enables users to log in to Windows 10 without a password. Learn more about this scenario by reading Windows Hello and FIDO2 Security Keys enable secure and easy authentication for shared devices.

Finally, Microsoft Authenticator can enable users to authenticate their Microsoft accounts using their mobile phones. Built on secure technology similar to Windows Hello, Microsoft Authenticator packages authentication into a simple app on your mobile device.

Windows Hello, FIDO2 security keys, and the mobile Microsoft Authenticator app are great alternatives to passwords. To truly create a world without passwords; however, we need interoperable solutions that work across all industry platforms and browsers. We will continue to invest in this space and look forward to sharing future updates. In the meantime, if you’re a developer, you can help by supporting FIDO2 authentication in your web services and applications today.

 

 

15 Comments
Version history
Last update:
‎May 07 2019 07:54 AM
Updated by: