Microsoft is out to kill passwords by providing an option to log in to its upcoming Windows 10 OS, applications and Web services via fingerprint, face or iris detection.
A feature called Windows Hello will use biometric authentication to log users into PCs, and Microsoft Passport will log users into applications and Web services.
Users have to remember many passwords to log into different services, and biometric authentication provides an easier and more secure way to access PCs and services, Microsoft said in a blog entry.
Microsoft claims that biometric authentication is more secure than passwords. With Hello, there’s no need to store passwords on a device. Users can opt in or out of biometric authentication, and information about a fingerprint, iris or face will be stored locally and not shared with others.
The biometric information is not used for network authentication, Microsoft said.
Many PCs already ship with fingerprint scanners. But for face and iris recognition, the technology in Windows 10 will initially work on PCs shipping Intel’s RealSense 3D camera, Microsoft and Intel said.
Only a handful of tablets, PCs and desktops from HP, Dell, Acer, Lenovo and Asus are currently available with Intel’s RealSense camera, which is still under development. But the 3D camera is on its way to replacing mundane 2D webcams in most PCs today.
Biometric authentication is already available in mobile devices and getting better everyday. Apple’s Apple Pay provides fingerprint detection for online payments, and ZTE has implemented iris detection as a form of authentication for its Grand S3 smartphone. But for PCs, passwords remain the dominant way to log-in to the PCs and services.
Microsoft drew some technology from the Kinect camera to soup up its biometric authentication capabilities in Windows 10. The authentication relies on infrared technology, which is already built into Intel’s RealSense camera. Infrared also helps authenticate users in dark and poor lighting conditions, Microsoft said in a video explaining the technology.
The biometric authentication technology will work with accounts registered with Microsoft and services connected to the company’s Azure cloud service. Microsoft has also joined the FIDO Alliance, which will bring authentication to other Internet services requiring passwords to log in. Key members of the FIDO Alliance include many hardware, software, mobile device, banking and credit card companies. FIDO Alliance is promoting a specific biometric authenticator in which a log-in generates a private key that is encrypted and then sent to a FIDO server, which then decrypts the key.