Passwords are on the verge of becoming extinct, and for many people, the passing of passwords will be like getting rid of a migraine. With the latest Windows 10 major update from Microsoft, your computers and devices may now say “hello” to you to access Microsoft accounts, and additional security measures may now work together better with smart devices. Facial recognition is playing a big role.
Security is more important than anything in today’s world, and hackers keep cyber defenders back on their heels in many instances. Our message continues to be that you need to harden your security measures while you have control of your computer, device, network, etc. If you wait until it controls you, it can cost you a lot of time, money and aggravation.
Combining facial recognition with another authentication factor is one element of Hello, which is available on certain computers with Windows 10 installed. It replaces a password with biometrics to authenticate secure access to devices, apps, online services and networks with a fingerprint, iris scan or facial recognition. It’s considered to be more user friendly, secure and reliable than traditional passwords, which are easy to crack because most people use simple ones they can remember or leave written notes in easy-to-find places.
You can authenticate a Microsoft account or a non-Microsoft service that supports Fast Identity Online (FIDO) by setting up a facial scan, iris scan or fingerprint to log into a device. Hello uses 3D-structured light to create a model of someone’s face and then uses anti-spoofing techniques to limit the success of people creating a fake head or mask to spoof the system. Once you set up your initial scan, the image will enable you to unlock access to Microsoft accounts, core applications and third-party applications that use the system. You can modify facial and iris scans, and add or remove additional fingerprints, and you can uninstall biometric identification.
Microsoft has updated Hello to support new security keys and offers two-factor authentication. There are keys to authenticate users for Azure Active Directory without requiring that a user enter a username or password, or even set-up Windows Hello beforehand. Technology advances could include authentication through a smartphone, but don’t expect any of those to involve text messages. Your cell phone number can be easily highjacked, and a perpetrator can simply have all of your passwords sent somewhere else without you ever knowing about it.
Windows’ latest update, version 1809, which is being pushed out this month, will increase the number of computers able to use Hello, and that will certainly help expand its user base – which, in turn, will spur more development of more ways to use it.
Microsoft is working with a growing number of service providers and device manufacturers to give its users a more seamless method to authenticate multiple accounts. Ultimately, the industry needs to tighten its false rejection rates and “liveness detection,” which ensures that the scan is that of a living person.
We’re confident that use of these new systems, such as Hello, will make us more secure, especially for business systems. We still see so many offices with passwords attached to computer monitors. Hello will go a long way to eliminating this particular potential for security breaches.
If you have computers that can work with Hello, we urge you to take a close look at implementing it. If you have questions about getting computers that are compatible with Hello or will be, we can help you set it up or prepare you to set it up. In the meantime, we can perform a security assessment to make sure your information technology system has no open backdoors or trapdoors that can allow access. This can be especially important, as one client discovered after they bought a company and started to merge IT systems.
Call us – 973-433-6676 – or email us to talk about your security.