Your Tech Story

Microsoft Initiates the Password-less Authentication Using FIDO2 Security Keys

How many times it has happened that you forgot your account password while logging into it, and you have to recreate a new one. Well, the problem is going to vanish for the Microsoft accounts soon, as it is going to introduce the standards-based FIDO2 security key devices to let its users sign into their account without a username and password. Using the FIDO2 WebAuthn and the CTAP2 standards, Microsoft will enable the hardware security keys or Windows Hello support, to authenticate the users, through its Edge browser.

Fido-Security-Key-USB
Image Source: itsagadget.com

The users who are using Windows 10 can start using the new authentication technique, either by using Windows Hello, a biometrics-based authentication platform built into Windows 10, with a FIDO2-compatible device from Yubico or Feitian, an authenticator or with a fingerprint reader.

Vice president of program management at Microsoft Identity Division, Alex Simons, said, “Microsoft is the first company to support password-less authentication using the FIDO2 WebAuthn and CTAP2 specifications, and Microsoft Edge supports the widest array of authenticators compared to other major browsers.”

To use a hardware authentication key, one needs to plug it into the USB port of the system. For logging into a Microsoft account over a phone, one need to use the Bluetooth or NFC wireless communications. The users can also login into the Microsoft apps, on a smartphone, using the Microsoft Authenticator app. The Microsoft platforms that support the FIDO2 security key includes Outlook.com, Office 365, Skype, OneDrive, Cortana, Microsoft Edge, Xbox Live on the PC, Mixer, the Microsoft Store, Bing and the MSN portal site.

Microsoft had already introduced its Authenticator app, for the iOS and Android users and as of now, Microsoft is the only company to provide such security devices to its users. Soon, we can see other companies adopting the same technology as the regular username and passwords have already been vulnerable to the security breaches. It may be a drastic change in the authentication procedure, but adopting the new one can be more beneficial for the security of the important data stored on the web.