My Microsoft Account goes Passwordless

I suddenly realised it's been a while since I typed in my password to access my Microsoft account. This is partly because my browser caches information but also because the security model of Microsoft Accounts has changed. Microsoft send you a notification or can send you an SMS rather than ask you for a password. 

My current Windows laptop has an infra-red sensor so that it can do face identification using Windows Hello. If that fails, I can use a pin. 

If you want to go passwordless then you will depend on these biometric devices. Your face, fingerprint, or a pin. It has been an aim of the leading technology firms to ditch passwords for some time. The process is reaching a point to which tech is doing it across devices. 

At the centre of this is FIDO. The Federation of Identity Online (FIDO) is a decade old group that has promoted a new way of securely authenticating people on online services. It has onboard Apple, Microsoft, Google, PayPal, Meta, Amazon and more. They don't specify a product you must use to login to services but have certifications. 

The "How Fido Works" pages explain the role of their certified encryption technology. 

The latest iteration of this being Passkeys. The Apple variant of this "Apple Passkeys" being recently promoted as if the technology was invented by Apple in a typically Apple way. Whereas Passkeys itself can be used by any of the FIDO members.

I am someone who uses a range of technology, so I am really pleased that Passkeys is cross platform. There is a good demonstration of how this works and it's worthwhile that people interested in the subject do have a look.


Popular posts from this blog

Powershell Symlink to Onedrive

Being progressive rather than universal

Identity as the new security boundary