Microsoft last year revealed plans to move away from single-factor authentication options such as passwords for PCs, networks, and Web services.
Microsoft's Dustin Ingalls, Programme Manager of Windows Security and Identity, detailed the company's plans in a blog post last week and said, "I'm happy to announce Microsoft has contributed design inputs to the Fast IDentity Online (FIDO) Alliance, to be incorporated within FIDO 2.0 Technical Specifications. Transitioning away from passwords and to a stronger form of identity is one of the great challenges that we face in online computing, and we believe FIDO authentication...is the pathway to success"
(Also see: Ten Things We Know About Windows 10)
Participating at the United States White House Cybersecurity and Consumer Protection Summit, Microsoft announced its intention to support FIDO authentication and also listed a number of reasons to support a new authentication process replacing today's common single-factor authentication methods.
Ingalls also stated that the Windows 10 Technical Preview reflects Microsoft's vision of what the the FIDO 2.0 Technical Specifications should look like. "The current Technical Preview build enables a number of enterprise scenarios and it showcases our integration with Windows 10 sign-in, Azure Active Directory, and access to major SaaS services like Office 365 Exchange Online, Salesforce, Citrix, Box, Concur, just to name a few," he explained.
Sharing future plans, Microsoft indicated that the FIDO specifications will play a part in Active Directory authentication for corporate customers, as well as in Microsoft Account authentication which is used by consumers for services such as Outlook.com and OneDrive, amongst others.
The FIDO Alliance currently publishes two sets of specifications; password-less and second-factor authentication. The password-less method (Universal Authentication Framework aka UAF) defines local authentication methods such as swiping a finger, looking into a camera, speaking into a microphone or entering a PIN, while Universal Second Factor authentication (U2F) requies a physical token to be presented in order to verify identity.