Windows Hello is Microsoft attempt at the password killer

[AlexGoesHigh]

 

yep, Microsoft, just like Intel and many others are getting on the password killer hype train, their implementation is called windows hello.

 

windows hello can use cameras, infrared sensors and fingerprint scanners to scan the user face, iris or finger to unlock a device or sign in into services, depending on which piece of hardware is used, current fingerprint readers can work with hello, but current cameras can not, Microsoft specifies that for camera base recognition Intel's RealSense 3D cameras or similar are required, MS says that W10 devices are in the works that uses Intel technology.

 

on the software side hello is developed with security first and foremost to offer enterprise grade security, not just user convenience, but that is also one of the goals of hello. finger, faces and iris scan will never leave the hardware they are stored on in order to authenticate, it will use asymmetric encryption keys and it will be powerful enough to prevent tampering with the hardware to break in, like differentiating a photo from a true face and similar

 

hello is also much more that just unlocking the device, an API will be available so developers can integrate into its apps and software raging from private enterprise solution from login to web services like your email

 

besides Windows hello Microsoft is also revealing Passport (not to be confused with another MS product with the same name) a method of authentication through the use of personal devices like smartphone or wearables, think of it like an android phone being unlocked when is close to an android wear device, but like hello, it works for services and software, so you can enter a short PIN number or a hello scan on the phone and it will send an encrypted key to the service to validate

 

Microsoft is a member of the FIDO alliance, and has pledge support to make products compatible with the FIDO specification, so it is expected many services will support hello and Passport through the FIDO spec

 

windows hello and passport will be available in the many different types of devices that can run a form of windows 10

 

Source: The Verge, Neowin

[carolkarine]

I could get behind this if I had a windows phone. 

[AMICLG]

Enterprise security my ass, when rainbow tables no longer work I'll maybe start to even consider believing them.

[benthegreat17]

I could get behind this if I had a windows phone. 

 

Whats a Windows phone?

[Yog]

My first thought is it have my front door hooked up to this so it unlocks with an eyescan.

[Norman_the_Owl]

Eh, i'm okay with this, as long as it actually can be disabled so it's not constantly scanning my face and surroundings...

[Cyclic]

Enterprise security my ass, when rainbow tables no longer work I'll maybe start to even consider believing them.

I'm probably missing something here but is the point of this not to take passwords out of use therefore rendering rainbow tables useless? 

[AMICLG]

I'm probably missing something here but is the point of this not to take passwords out of use therefore rendering rainbow tables useless? 

Correct but the fact is that some people (a vast majority) don't want to use facial recognition because it's usually buggy or in the habit of passwords and so on. Also your almost likely guarantee to have a backup password/pin so in case facial recognition fails or the camera brakes you can still access your computer so it doesn't matter whether your using it or not.

[Doobeedoo]

Biometrics don't seem secure enough..

[LAwLz]

Neat but the idea of never ever being able to change my password scares me, so I am against things like fingerprint scanners.

I am willing to use it as my account name, but not as my password.

[Cyclic]

Correct but the fact is that some people (a vast majority) don't want to use facial recognition because it's usually buggy or in the habit of passwords and so on. Also your almost likely guarantee to have a backup password/pin so in case facial recognition fails or the camera brakes you can still access your computer so it doesn't matter whether your using it or not.

Yeah I agree with you on some points but at the same time the change to password-less security has to start somewhere. I get the feeling that the facial recognition here isn't going to be the buggy - completely bypass security by using a freakin photo - bullshit that we're used to, whether this is true or not remains to be seen but I somehow get the feeling that it will actually be very robust using IR. I do completely agree with you that if there's a backup password/pin then the entire thing is kinda rendered useless cause rainbow tables etc. will not be affected in any way but I think that this will just be the starting point, I reckon in the near future there will be a switch to entirely biometric sign in with no backup passwords, they would have to implement a system to allow users to sign in if they do break their biometric reader or whatever but this is surely fairly simple, something like the code sent to your phone during two-step verification.