In addition to a launch of Windows 10 announced for this summer, vast ambitions in the Chinese market and an outstretched hand towards hackers, Microsoft also presented Windows Hello this week. This new biometric authentication system aims to make people forget passwords.
While Yahoo! tries temporary passwords, Microsoft is just trying to make them disappear from everyday life. With Windows Hello, which is an integral part of Windows 10, the Redmond firm introduces a biometric authentication method that is intended to be perfectly versatile. Indeed, it can be based on a fingerprint, facial or iris recognition, and is not limited to the services included in Windows only: it can virtually take the place of any authentication by password on a third-party service using Windows Passport.
In practice, the use of these services is relatively simple. To open his session, the Internet user positions himself in front of his webcam, for example, so that the latter can confirm that it is indeed the face of the owner. Subsequently, to access sites or applications that require a connection to an account, Windows Passport replaces the usual interface requiring an identifier previously defined with the service. Concretely, this means that Windows 10 will require either a PIN code or a new control via Windows Hello if the device is equipped with the necessary sensors.
Alas, this is somewhat the weak point of the device announced by Microsoft. Indeed, many machines are preparing to benefit from a free update to the latest OS of the firm, and it is clear that very few PCs marketed in recent years were carrying a fingerprint reader, iris or even a 3D webcam, like the Intel RealSense F200 put forward by Microsoft. In fact, the majority of Windows 10 users will therefore, at first, only have very limited use, or even no use, of Windows Hello.
But that does not prevent the firm from believing in the flight of its solution. In addition to reliability announced as extremely high, it highlights an obvious superiority in terms of security vis-à-vis passwords, which can constantly be hacked. Likewise, it insists that Windows Hello is based on the machine + user couple, and not on data stored online. In other words, all authentication takes place locally, without communication with the network and therefore without risk of interception. In summary, according to Microsoft, "it's a solution that government, defense, finance, healthcare and other organizations will use to improve their overall security."