Lilah Olsher

About the Author Lilah Olsher

Lilah Olsher graduated from Temple University with a BA in Marketing. Ms. Olsher is the Head of Contributors for Smarter Analyst.

Microsoft Corporation (MSFT) Takes Online Security to the Next Level with Windows 10

Microsoft Corporation (NASDAQ:MSFT) has done it again. The technology giant has kept PC fans on their toes in anticipation for the release of Microsoft’s Windows 10, on July 29. As expected, the release of the new operating system will bring about innovative new features which will assist users in tasks. The new OS will feature options for more efficiency, such as Continuum, which will create a device-specific interface that will be able to scale down from a desktop platform to a tablet/mobile platform. It will also have old, familiar features which Microsoft users know and love, such as the familiar desktop of Windows 8. Looking at all of the new options in store for Windows 10, possibly the most interesting of them all will allow users to eliminate the use of one of the biggest security concerns on the internet: passwords.

Passwords have been around since the start of the internet age, and are used for keeping data, content, information, etc. safely tucked away in the account of its owner. While these passwords did work for a time, it was not long before computer hackers, with one motive or another, began breaking into websites, stealing or recreating passwords, and gaining access into all kinds of “top secret” information. With the new Windows 10, users will finally be able to do away with the faulty safeguards, and keep their information and identities secure.

Passport

Windows 10 will have a new feature called “Passport”, which will allow users to sign in to Microsoft sites without using a password. Instead, much like Google Chrome with its interconnected Gmail, Google Drive, Youtube, etc., the OS will, on your behalf, safely authenticate to networks, apps, and websites. This will dissuade hackers from trying to steal your passwords and break into your Windows account, because there is simply no password to steal. This feature may be recognizable to users, as it is a new and improved model of the company’s Single Sign On service, which was created to allow users to jump from their email, to their Xbox account, to Skype, without ever entering a password.

Windows Hello

The second new feature Microsoft has taken above and beyond is called “Windows Hello.” Like the formerly mentioned Passport, this feature has also given users away to avoid using unsafe, hackable passwords. Windows Hello uses something called “biometric authentication” which basically allows the user to individually scan and register his physical features into the device. On Windows 10 devices, the infrared camera will be equipped to scan your fingerprints, physical facial features, and iris in a way that is so accurate, it will be able to tell the difference between a live being and a picture of him.

Protecting your Biometrics

A downside, or so it may seem, to using a biometric scanner as an identification tool is that someone with the wrong intentions would be able to take your physical information and copy it for his own fraudulent use. However, Microsoft has assured users that all biometric data will only be secured locally on your own specific device. This alleviates the fear of hackers stealing a fingerprint to create a false identity with your likeness, because the biometric information can only be used to unlock Passport and unlock your own device; it cannot be used to authenticate a user over the network. The specific biometric information is, as mentioned before, authenticated ONLY on a user’s personal device. After the authentication, the OS sends a public key which logs the user in; hackers may gain access to the public key, however because of asymmetric cryptography, they will be unable to utilize it for anything.

Don’t be too late to the party – Click Here to see what 4500 Wall Street Analysts say about your stocks.

 

 

  • Hitoshi Anatomi

    With Hello MS seems to be moving in a wrong direction.

    Whether iris, face, fingerprint, typing, gesture, heartbeat or brainwave, biometric
    authentication could be a candidate for displacing the password if/when (only if/when) it has stopped depending on a password to be registered in case of false rejection while keeping the near-zero false acceptance.

    Threats that can be thwarted by biometric products operated together with fallback/backup passwords can be thwarted more securely by passwords alone. We could be certain that biometrics would help for better security only when it is operated together with another factor by AND/Conjunction (we need to go through both of the two), not when operated with another factor by OR/Disjunction (we need only to go through either one of the two) as in the cases of Touch ID and many other biometric products on the market that require a backup/fallback password, which only increase the convenience by bringing down the security.

    In short, biometric solutions could be recommended to the people who want convenience but should not be recommended to those who need security. It may be interesting to have a quick look at a slide titled “PASSWORD-DEPENDENT PASSWORD-KILLER” shown at
    http://www.slideshare.net/HitoshiKokumai/password-dependent-passwordkiller-46151802