Nary a day goes by that we don’t hear about a new security breach in which million of credit cards or passwords are stolen. With Windows 10, Microsoft is addressing modern security threats during its development in hopes of offering a secure product that consumers will feel safe using.
Part of that has to do with moving away from single-factor authentication options like passwords which is why Windows 10 will have two-factor authentication baked right in.
In a blog post on the matter, Microsoft’s Jim Alkove said their solution will eliminate the need for additional hardware security peripherals. Once enrolled, he added, devices themselves become one of two factors that are required for authentication.
The second factor in Windows 10 will be a PIN or a biometric, like a fingerprint.
As Alkove correctly points out, from a security standpoint, this means that an attacker would need to have a user’s physical device as well as access to their PIN or biometric information to gain access to a target account.
For example, a user could register their smartphone which would effectively become their mobile credential. It would allow a user to sign in to their PC, network and web services so long as their mobile phone is nearby. In this example, the phone’s Bluetooth or Wi-Fi connection would behave like a remote smartcard as one factor of authentication.
Do you think Microsoft is on the right track by adding two-factor authentication to Windows 10? After all, a number of services already offer two-factor authentication and some have for years now. If anything, they’re simply playing catch-up at this point.