Microsoft has announced the activation of FIDO 2 WebAuthn functionality in the Windows 10 October 2018 Update, allowing users to sign in to their Microsoft Accounts (MSA) using a physical device rather than a password.
That Microsoft is seeking to do away with the password is no secret: Back in April last year the company announced the ability to sign in to a Microsoft Account (MSA) without a password using a companion authentication application running on an Android or iOS smartphone or tablet. Where traditionally such an application would be used as a second authentication factor after a more traditional password, Microsoft's approach saw the smartphone as a one-tap login system.
Now, the company has made good on a secondary promise to add support for further authentication hardware, building on a partnership it announced in April this year with two-factor authentication (2FA) specialist Yubico. The result is the ability to log in to a Microsoft Account using only a physical FIDO 2-compatible security key, including - naturally - Yubico's own YubiKey 5.
'Password-less sign-in is a transformational change to how business users and consumers access devices and applications. It combines industry-best ease of use and security to create an experience people are going to love and hackers are going to hate,' claims Microsoft's Alex Simons of the move, which integrates FIDO2 and the WebAuthn protocol into Windows Hello. 'FIDO2 is a key part of Microsoft's push to eliminate passwords and devices like the YubiKey 5 are a great example of how we're working with partners to make this transformation a reality.'
Full details on the feature, including the method to register a FIDO2 device into Windows Hello, can be found on Microsoft's announcement.
February 17 2020 | 09:00