Microsoft’s Windows 10 will support ‘password-less’ biometric fingerprint scan security tools


Microsoft has announced that it will be enabling biometric authentication in Windows 10, the next version of its PC operating system, as part of its drive to move away from passwords, which means that one day you could be scanning your fingerprint just to access Word or your emails in Outlook.

Speaking at the White House Cybersecurity and Consumer Protection Summit, Microsoft confirmed that Windows 10 will support the next version of the Fast Identification Online (FIDO) specification – a framework that enables devices work with third-party biometric readers like fingerprint or eye scanners.

According to Dustin Ingalls, the group program manager for Windows security and identity, moving beyond passwords is “one of the top priorities for us here at Microsoft”.

FIDO is an open standard that is already supported by a huge number of companies, from financial institutions like Bank of America, VISA, MasterCard, PayPal and NXP, to tech players like Google, Samsung, Qualcomm, ARM and Lenovo.

While you’re probably familiar with the biometric fingerprint scanner on the iPhone 5S and iPhone 6, it is also possible to skip using passwords on regular laptops and PCs that don’t come with biometric readers, by using portable USB dongles that scan your fingerprint instead.

The idea is that in the future, rather than remember a large number of passwords, FIDO will enable any website or application hosted in the cloud to interface with third party authentication devices like the one mentioned above to not only make your life simpler, but also to greatly improve your online security.

Ingalls confirmed that the current Technical Preview build of Windows 10 is already integrated with the FIDO 2.0 specification and the operating supports cloud-based solutions including Office 365 Exchange Online, Salesforce, Citrix, Box and Concur.

“With Windows 10, for the very first time Windows devices and Microsoft-owned and partner SaaS services supported by Azure Active Directory authentication can be accessed end-to-end using an enterprise-grade two-factor authentication solution – all without a password,” Ingalls writes in an accompanying blog post.