Windows 10 Security Upgrades: Hello, Passport, FIDO

Posted by:

Windows10HelloWindows 10 will be featuring a built in security feature called Hello, as well as Passport, for online security, and is supporting the FIDO Alliance as well.  Hello will use fingerprint, facial recognition or iris scanning to authenticate you to your computer, and from there, authenticate you to your domain or workgroup resources.  The facial recognition camera will use infrared to get around recognition issues that may be caused by the addition or subtraction of facial hair in men, or the presence or absence of make-up in women.  IR also overcomes problems with differing lighting levels.  This camera will be used for iris scanning as well.

Windows Hello will provide the Enterprise-grade security and privacy required by government, defense, financial, health care, and other highly regulated operations. Windows Hello is using asymmetric key cryptography to authenticate users, and is similar to the technology that powers security in SmartCards. So the security level will be very robust, and offered, as it is, built into the Windows operating system, will require little effort from users.

Windows Passport continues this encrypted level of authentication outward to the Internet, specifically to Microsoft sites such as, OneDrive, and other web accounts that Microsoft controls.  Once Windows Hello has verified identity, it will unlock your Microsoft Passport on this system and allow access to online sites and services that use your Microsoft account. Passport also eliminates the need for online sites to store your password online where they are at risk in a cyber-attack.  Only the public keys or half of your encryption key is stored online. The main encryption key is remains secured to your computer.

Their support of the FIDO Alliance extends this commitment to non-Microsoft sites and services in a meaningful way.  The fact that Microsoft is committed to an open source standard is a refreshing change of pace for a company that has leaned on forcing proprietary solutions onto customers that lack interoperability with non-Microsoft systems and software.

We have been warning about the problem with passwords and their immanent demise as a useful security method and are encouraged with these developments in Redmond.

This article was posted earlier on my cybersecurity website


About the Author:

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.