After calling the use of hardware authentication keys “inconvenient, insecure and expensive” in the past, Microsoft has taken a U-turn and is now supporting authentication keys for its services. In addition to universal two-factor keys, the tech giant will also allow biometric logins using facial recognition and fingerprint recognition devices on Windows. Unfortunately, users who want to use these alternate login methods will be restricted to using Microsoft’s own Edge browser.
Microsoft revealed in its official announcement “This combination of ease of use, security and broad industry support is going to be transformational,”. “Every month, more than 800 million people use a Microsoft account to create, connect, and share from anywhere to Outlook, Office, OneDrive, Bing, Skype and Xbox Live for work and play. And now they can all benefit from this simple user experience and greatly improved security.”
To enable alternate means of authentication for your Microsoft account you need to login to your account and head to Security settings. Under the “More Security Options” setting you will be able to add your authentication methods under the “Windows Hello and security” option. Microsoft has a detailed guide to help you get started as well.
Any kind of biometric hardware needs to be compatible with Windows for usage. Moreover, when you are out to get your first hardware authentication key make sure you get one that’s compliant with the FIDO 2 standards. Google has been able to keep its employees safe from phishing attacks by making the use of such hardware keys mandatory at its workplaces. Older authentication methods for Microsoft accounts like the app authenticator and SMS / email two-factor authorization will continue to be available for users who do not want to adopt hardware options.
What do you think about Microsoft’s decision to support U2F and biometric authentication? Let us know in the comments below. Get instant updates on TechNadu’s Facebook page, or Twitter handle.