Windows 10 embraces password-killing biometric authentication

Microsoft joined the FIDO Alliance in 2013 and is ready to add the password-less authentication standard into its flagship product.

Microsoft is about to officially join the fight for authentication without pesky passwords. The company recently announced that Windows 10 will support the Fast Identity Online (FIDO) 2.0 specification. The end result is that instead of using passwords to log in to PCs, Microsoft services, and other third-party accounts, you'll also be able to use a fingerprint or eye scan--possibly integrated with a key fob for two-factor authentication.

In its blog post announcing FIDO in Windows 10, Microsoft focused largely on features that would interest IT types, such as FIDO support for major enterprise-focused cloud services including Office 365 Exchange Online, Salesforce, Citrix, and Box. But FIDO in Windows 10 will also work with consumer services such as Windows 10 sign-ins,, and OneDrive.

Why this matters: The call to kill passwords with a better authentication solution have been ongoing for some time. FIDO appears to be the best chance for a one-size fits all solution to password-less authentication. The FIDO Alliance includes many major tech companies and other businesses with a big interest in security, including Arm, Bank of America, Google, Lenovo, Mastercard, PayPal, and Visa. Microsoft joined the FIDO Alliance in late 2013. When heavy hitters work together on problems like this the end result tends to be a near-universal solution--an absolute must if FIDO is to truly replace the password.

What is FIDO?

The idea behind FIDO isn't all that new. Instead of using passwords--that can be forgotten, lost, stolen, or even guessed--a FIDO-equipped device would use biometrics such as fingerprint and eye scans that are much harder to acquire. This initial login method could also be paired with a key fob for two-factor authentication for added security.

Biometric scanners have already been integrated into smartphones, laptops, and other devices for years. The difference with FIDO is that it's an open standard, meaning any company can implement it into their products or services. It also means that FIDO-compliant biometric scanners and two-factor authentication devices can be used with any FIDO-supporting service, as opposed to the hodgepodge of fingerprint scanning security mechanisms we have now.

The FIDO specifications are also designed so that a user's biometric data never leaves the device.

For anyone that wants to check it out, Microsoft says FIDO integration is already available in the Windows 10 Technical Preview for enterprise applications as well as Windows 10 sign-in.

Join the CSO newsletter!

Error: Please check your email address.

Tags Bank of AmericaGoogleMicrosoftsecurityvisapasswordspaypalWindows 10authenticationLenovo

More about Bank of AmericaGoogleLenovoMastercardMicrosoftPayPalVisa

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ian Paul

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts