Is Windows 10’s ‘Windows Hello’ the Future of Desktop Security?
In anticipation of the Windows 10 release in just a few months, Microsoft is rolling out more details about the OS fairly regularly. Just recently, they unveiled the specifics of a biometric authentication software called Windows Hello that will play a large role in all new devices running Windows 10. Windows Hello will enable users to login with the touch of a finger or via hands-free facial recognition.
While fingerprint recognition is already a feature present in devices like the latest iPhones, Microsoft has expressed excitement about Windows Hello’s top-notch security. An official blog post notes that Windows Hello enables users “to authenticate applications, enterprise content, and even certain online experiences without a password being stored on your device or in a network server at all.”
Biometric Authentication with Windows Hello
There are several methods that Windows Hello can use to detect your identity and authenticate your login. They include using your fingerprint, face, and iris. This entirely unique features will keep all apps, data, and Windows-related programs extremely secure and, ideally, unhackable. The new devices using Windows 10 were built with Windows Hello in mind, resulting in high-quality sensors that accurately capture these idiosyncratic identification features.
Already released devices with fingerprint recognition capable of upgrading to Windows 10 can take advantage of Windows Hello features as well. The facial and iris detection require special hardware and software built into upcoming devices to use. The hardware is built specifically to accurately verify the identification features, with special programming to detect whether or not someone is attempting to impersonate a face, fingerprint, or iris. It does this by using infrared technology that detects a wide variety of lighting conditions that are, according to Microsoft, impossible to replicate.
Microsoft’s Security Confidence
While the notion of software having data like an image of your face or fingerprint may seem like a security threat to some, Microsoft is using enterprise-grade security that complies with existing, and very strict, organizational requirements and regulations. It’s similar to security used by government, defense, and financial organizations. Passwords are, as we know only too well, hackable—no matter how complex they are. By using something inimitable like your face, iris, or fingerprints, Microsoft aims to offer not only increased security, but increased simplicity as well. Rather than trying to remember a dozen passwords, Windows Hello may eventually do away with passwords altogether.
Microsoft does venture dangerously close to hyperbole when they claim that Windows Hello is “impossible” to hack. Microsoft feels this claim is justified because there are no traditional passwords stored in their servers. Consequently, there is no way for hackers to use traditional methods to access the secure data.
It works like this: Windows 10 will ask users to verify that they have possession of their device before it authenticates on their behalf. Then, using a programming system called “Microsoft Passport,” they will be able to access their usual applications and online content without a need for a password at all, despite it being more secure and easier to use. Your personal biometric signature is stored locally on your device and not on external servers that can be hacked into, making your personal data—and especially your facial and fingertip data—highly secure, at least certainly more so than traditional passwords.
Microsoft elaborated on the functions of Windows Hello and Microsoft Passport in the video below:
The four-minute video covers why so many are excited over Windows 10’s recent unveiling, making it seem like Microsoft’s new OS is much more than a simple upgrade. With Windows Hello and Microsoft Passport, Microsoft is aiming to make biometric authentication a commonplace feature in computing’s very near future.
But how about those Apple fans out there—are they being left in the lurch? Though I count myself among the Apple faithful, I’m pleased to see that Microsoft is finally thinking outside the box again. Apple has been leading the way in mobile security thanks to their near-monopoly on smartphone fingerprint sensors, but they’ve really dropped the ball when it comes to the desktop environment. And let’s face it: iCloud keychain is a clunky disappointment. Recent rumors out of Cupertino say that Apple may be mulling fingerprint sensors for peripherals like mice and keyboards, but these projects have yet to see the light of day.
So the bottom line here is this: any initiative that changes the conversation about what security is, and gives us fewer credentials to memorize or record, is a step in the right direction.