Microsoft is looking to replace passwords completely by introducing Windows Hello, a biometric security feature for its upcoming operating system (OS) revamp Windows 10 which allows users to unlock computers or access websites using their fingerprint, face or iris.
Integrating biometric authentication technology into Windows 10 is a way for Microsoft to future-proof its software, as technology such as fingerprint scanners or iris recognition cameras are only just beginning to be used on consumer electronics products, from laptops to smartphones.
Microsoft says that Windows Hello will allow users to "just show your face, or touch your finger, to new devices running Windows 10 and be immediately recognised".
Microsoft also claims that as well as being more convenient than typing a password, Windows Hello is a more secure system promising "enterprise grade" security which will meet "the requirements of organisations with some of the strictest requirements and regulations".
The system will allow users to set what access Windows Hello gives users, including the ability to authenticate applications, enterprise content, and even certain online experiences - though it will need those websites to opt in to this system for it to work.
The death of passwords
By eliminating passwords, Windows Hello will also mean that users will no longer need to store passwords on their devices or in a network server, making it much more difficult for hackers to breach security.
"You, plus your device, are the keys to your Windows experience, apps, data and even websites and services – not a random assortment of letters and numbers that are easily forgotten, hacked, or written down and pinned to a bulletin board. Modern sensors recognise your unique personal characteristics to sign-you-in on a supporting Windows 10 device," Microsoft's Joe Belfiore said in a blog post introducing Windows Hello.
The system was demonstrated publicly for the first time on 18 March at the Windows Hardware Engineering Community (WinHEC) summit held in Shenzen, China by vice president Terry Myserson.
The facial or iris recognition feature will work with infrared cameras to accurately identify the users, and avoid the problems of people trying to impersonate you or use a picture to trick the system.
Windows Hello will work in collaboration with a programming system codenamed Passport, which will also be integrated into Windows 10 to allow you to authenticate apps, enterprise content or online experiences without needing a password.
Essentially by authenticating that the owner (or trusted user) is using the Windows 10 device, Passport will create an profile which will be used on a variety of websites and apps. It will mean that because there are no passwords, the only way for a hacker to breach the system is by stealing the device in question.
"Windows 10 will ask you to verify that you have possession of your device before it authenticates on your behalf, with a PIN or Windows Hello on devices with biometric sensors. Once authenticated with "Passport", you will be able to instantly access a growing set of websites and services across a range of industries – favourite commerce sites, email and social networking services, financial institutions, business networks and more."