Microsoft is working on a plan to get rid of passwords on Windows 10 PCs. The company has been trying to remove passwords for a long time, and in next year’s update it is finally going to do so. Users will very soon be able to unlock their PCs without a password, which means that you can use Windows face authentication, a fingerprint or a PIN code to sign in to your PC.
To enable this feature, users will have to change their settings and select the new “make your device passwordless” option provided by Microsoft. Now, why was it necessary to remove passwords from PCs? Apparently, passwords suck and most people do not use them anyway.
Diana Huang, director of engineering for Windows security at Microsoft, explains that a PIN is “usually a more simple form (of authentication) than a password. Password is a symmetric key, and there is always a server which keeps track of your password or the symmetric key.” People tend to use the same password on multiple sites, which does not guarantee the level of security for which passwords were introduced in the first place.
According to the security baseline recommendations for Windows, users were supposed to make periodic password changes. Microsoft has long given up on that advice, so at least that is some relief to users.
According to the latest news, Microsoft has already deployed a preview build (20H1 Build 18936, to be precise) of Windows 10 to members of the Windows Insider fast track ring that brings passwordless account sign-in right now. The passwordless option will also extend to business users through Azure Active Directory, allowing businesses to go fully passwordless with security keys, the authenticator app, or Windows Hello.
Microsoft also argued that using a PIN code on a PC is a better option than using a password, even if it looks simpler. PIN codes are not shared online, whether in a profile account or on a website; they are stored on the device and not on the web. Also, even though two-factor authentication is offered to users everywhere, people have still not been convinced to use it.
Windows 10 stores the PIN code on the PC or laptop, whichever device it may be, with a Trusted Platform Module (TPM). This is a secure chip that keeps the PIN code tied to that device only. So in the worst case, even if a server is compromised or your password is stolen, the Windows Hello PIN would not let anybody into your PC or allow it to be affected.
Windows’ latest update of 10th May 2019 enables users to set up an account or sign in with just a phone number in the Microsoft account. Microsoft’s two-factor authentication options, such as basic SMS confirmation, the Microsoft Authenticator app, Windows Hello and physical security keys using the FIDO2 standard, are features that users still do not use to the fullest. Microsoft has been trying to convince Windows 10 users to adopt them.