Microsoft Passport and Windows Hello: Moving Beyond Passwords and Credential Theft | Build 2015 | Channel 9
"Microsoft Passport in Windows 10... is easy to deploy, always multi-factor, theft- and phish-proof, interoperable on premise and on the web, and so inexpensive that there is almost no excuse to not take advantage of it...Windows Hello: biometric authentication which can provide instant access to your Microsoft Passport"
Another Microsoft attempt to provide end-to-end security solution, this time included in Windows 10. Windows "Hello" is a
biometric authentication platform, with
- face-recognition,
- fingeprint and
- iris-scan
Microsoft "Passport" is a PKI based authentication system that replaces passwords. For each application (or site), "Passport" creates a (RSA) pair of keys, publishes public key to the other side, and saves private key in a local secured storage. Where available on a computer, hardware protection is used to store private keys. Access to authentication system is protested by a PIN (4-digit number, like on iOS or Android), with progressive slowing down on retries. "Hello" authentication can be used instead of PIN... A similar solution was in Vista/7 but was not popular... will this be better accepted?
Microsoft Passport is based on
FIDO Alliance standard.