The new Windows 10 operating system will allow users to sign in to a device without a password by using biometrics, including facial recognition, Microsoft announced Tuesday.
Microsoft said its Windows Hello feature will support biometric authentication as part of an effort to reduce the use of passwords, which can often be hacked.
This means “using your face, iris, or fingerprint to unlock your devices,” Microsoft vice president Joe Belfiore said in a blog post. “You — uniquely you — plus your device are the keys to your Windows experience, apps, data and even websites and services, not a random assortment of letters and numbers that are easily forgotten, hacked, or written down and pinned to a bulletin board.”
The move comes following a wave of reports about hacking into databases, which can lead to identity theft and other crimes.
Apple and Samsung have already begun putting fingerprint sensors on their smartphones, and other types of biometrics are being developed across a range of products and services.
Belfiore said Windows Hello offers improved online security because it “enables you to authenticate applications, enterprise content, and even certain online experiences without a password being stored on your device or in a network server at all.”
Microsoft has begun testing for Windows 10, which is being developed for both traditional PCs and mobile devices such as tablets and smartphones. No precise date has been given for its launch.
Belfiore said “there will be plenty of exciting new Windows 10 devices to choose from which will support Windows Hello,” and that if the device already has a fingerprint reader, it will be compatible with the new authentication system.
Infrared imaging
For facial or iris detection, “Windows Hello uses a combination of special hardware and software to accurately verify it is you — not a picture of you or someone trying to impersonate you,” he wrote.
“The cameras use infrared technology to identify your face or iris and can recognize you in a variety of lighting conditions.”
Microsoft also announced that developers of other services would accept the same authentication under the programming system dubbed “Passport.”
This provides a more secure way of letting users sign in to website or apps.
This opt-in system will verify the user of a device before authenticating that person for the wider range of services accepting Passport.
“Instead of using a shared or shareable secret like a password, Windows 10 helps to securely authenticate to applications, websites and networks on your behalf — without sending up a password. Thus, there is no shared password stored on their servers for a hacker to potentially compromise,” Belfiore said.
