Microsoft Planning to Make Windows 10 Password-less by 2020
If the feature is finally rolled-out next year and it works as intended, the password option would simply disappear from the login screen, if users decide to opt in to this new “make your device password-less” option
Microsoft is planning to make computers running Windows 10 operating system password-less and replace it with Windows Hello face authentication, fingerprints, or a PIN code.
While the company has been working on removing passwords from Windows 10 and its Microsoft Accounts for a several months now, the next major update to Windows 10 in 2020 would go one step further, The Verge reported on Thursday.
The software giant believes that a PIN code is far more secure than a password, even if it seems more simple to use a four-digit code with far less risks of it being leaked online.
For an individual user, Windows 10 stores a private key on a device with a Trusted Platform Module (TPM), which is a secure chip that keeps a PIN local to the user’s device only and while servers can be compromised and passwords stolen, a Windows Hello PIN would not be affected, the report said.
In addition, Microsoft’s decision of making Windows 10 powerless would also extend to business users through Azure Active Directory, allowing businesses to go fully password-less with security keys, the authenticator app, or Windows Hello.
If the feature is finally rolled-out next year and it works as intended, the password option would simply disappear from the login screen, if users decide to opt in to this new “make your device password-less” option. (IANS)
Microsoft has notified nearly 10,000 customers in the past year who were targeted or compromised by nation-state attacks originating from three countries — Iran, North Korea and Russia.
According to Tom Burt, Corporate Vice President for Consumer Security and Trust at Microsoft, 84 per cent of these attacks targeted its enterprise customers, and about 16 per cent targeted consumer personal email accounts.
“While many of these attacks are unrelated to the democratic process, this data demonstrates the significant extent to which nation-states continue to rely on cyber attacks as a tool to gain intelligence, influence geopolitics or achieve other objectives,” Burt said in a blog post late on Wednesday.
The company has seen extensive activity from the actors it calls Holmium and Mercury operating from Iran, Thallium operating from North Korea, and two actors operating from Russia it calls Yttrium and Strontium.
“This data has been compiled by the Microsoft Threat Intelligence Center which works every day to track these global threats,” said Burt.
Since the launch of Microsoft “AccountGuard” last August, the company has uncovered attacks specifically targeting organisations that are fundamental to democracy.
“We have steadily expanded AccountGuard, our threat notification service for political campaigns, parties, and democracy-focused non-governmental organisations (NGOs), to include 26 countries across four continents.”
Microsoft has made 781 notifications of nation-state attacks targeting organisations participating in AccountGuard.
This data shows that democracy-focused organisations in the US should be particularly concerned as 95 per cent of these attacks have targeted US-based organisations. Many of the democracy-focused attacks target NGOs and think tanks.
“As we head into the 2020 elections, we anticipate that we will see attacks targeting US election systems, political campaigns or NGOs that work closely with campaigns,” warned Microsoft.
The company demonstrated the first voting system running Microsoft ElectionGuard technology at the Aspen Security Forum in Aspen, Colorado, on Wednesday.
“ElectionGuard can enable a new era of secure, verifiable voting. It is also possible to make voting more accessible for people with disabilities and more affordable for local governments while increasing security,” said Burt.
“ElectionGuard” is free and open-source and will be available through the repository GitHub as a software development kit (SDK) later this year. (IANS)