Windows 10 News and info | Forum
June 19, 2018, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances.
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or Forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Microsoft Passport in Windows 10  (Read 1896 times)
Hero Member
Online Online

Gender: Male
United States United States

Posts: 28504

I Do Windows

WWW Email
« on: May 10, 2015, 04:41:18 PM »

Microsoft Passport has been around for quite a while. It serves as a single point entry to all of the Microsoft products such as, OneDrive, Messenger (when it was alive), People, contacts and more. In Windows 10, Microsoft Passport will replace passwords with strong two-factor authentication that consists of an enrolled device and a Windows Hello (biometric) or PIN. This post offers an overview of how Microsoft intends to use Microsoft Passport in Windows 10.

What is Microsoft Passport

Broadly speaking, Microsoft Passport consists of 2  services – a single Sign-in service that allows members to use a single name and password to log in, and a Wallet service that members can use to make fast, convenient online purchases.

Two Factor Authentication in Microsoft Passport

Microsoft introduced Two-factor authentication a couple of years back, when cyber criminals increased their activities on the Internet. However, there have been some problems using the two-factor authentication in its current state.

First – you enter the password and then you receive a PIN that you have to enter. If on the phone, this becomes a problem, especially if phone’s RAM is low. Besides this, in its current scenario, when you wish to go for two-factor authentication, you have to create different passwords for different apps you use. You even have to create an “app password” for Microsoft Outlook email client and enter it instead of the real Microsoft password that you use for logging in via a web browser.

All this is set to change with Microsoft Passport in Windows 10. Right now, the two-factor authentication is optional. Microsoft will make it mandatory for all to use two-factor authentication. It won’t be as tough as it is now. There will be two keys, one with Microsoft and one with the user. The user needs just the user key to get access to protected Microsoft apps.

The primary key with Microsoft would be a certificate or a firmware. That is, you won’t have to enter that information into the login boxes. Then there will be a PIN that you will get. This PIN will open the doors to Microsoft products.

Windows Hello

We’ve already talked about the PIN. Users wanting more protection can opt for Windows Hello which would be some kind of gesture that you draw on the sign in screen to get access to protected resources.

Some of the current phones employ certain kinds of gestures for lock screen. It is to be seen how Windows Hello would be different from the current lock screens but Microsoft does say that it will be better than current gestures on lock screens and will provide enhanced security. According to TechNet, the gesture will be matched with the first step in two-factor authentication – the certificate that Windows assigned to you.

The first time will take a longer time as you have to get a certificate and then set up a PIN or Windows Hello. Once the entire thing is set up, you can access Microsoft products in future just by entering the PIN or the gesture you selected. Thus, there won’t be need to wait for a PIN to arrive by SMS. You just draw the gesture and you are in.

Prerequisites for Microsoft Passport

Before you can use Microsoft Passport in your enterprise, you will have to make sure you meet the prerequisites.

How Microsoft Passport works in Windows 10

The Microsoft Passport, as said earlier, will be based on a certificate – an asymmetrical key pair – to keep the user data safe. Identity provider – the Microsoft account – will create a public key during registration process and will identify it every time user tries to log in. If firmware is used in place of certificates, they have to match: presence of such firmware should be there and the key stored cryptographically on the firmware should match the key generated during registration process.

Here is the tough part. The certificate will not work across devices as it will be stored locally on device, especially if it is a hardware based certificate. It is not even sent to server. Thus, it might force users to go through the registration process on each device separately. The public key (PIN or gesture), however, can be used on different devices thereby making things easier for the users as they won’t have to remember different PINs and gestures.

All said, this new feature in Windows 10 is sure to lead to user convenience and an increase in security.


Pages: [1]
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page May 11, 2018, 08:48:00 PM