Sign up to our newsletter
The latest security news direct to your inbox
Microsoft is taking aim at traditional single password systems with the upcoming version of Windows, by including built-in two-factor authentication according to ZDNet, which describes the move as “audacious plans to tighten security”.
Winbeta describes the features as “enterprise grade” security, and outlines the options available to security concerned users which include password and pin, password and biometric input, and more intriguingly a two-factor method that allows a mobile device to authenticate PC access via Wi-Fi or Bluetooth. This would make accessing data on a stolen laptop or PC far harder for criminals, as it would require physical access to the mobile device to gain access.
Although traditional single password options will still be supported, the whole design looks more security focussed than previous versions of the Operating System, with built-in protections in place to separate personal and corporate data, with all of the latter’s apps, data, email and other content automatically encrypted.
An official Windows Blog post outlining the improvements to security cited recent cybercrime attacks as the inspiration for enhanced measures, with Microsoft’s Jim Alkove writing “with this release we will have nearly everything in place to move the world away from the use of single factor authentication options, like passwords.”
ESET researcher Aryeh Goretsky welcomed the news, but highlighted that ease of use is vital to ensure widespread adoption: “These are all good – and welcome – steps, but in addition to providing a high level of security, they also have to be easy to implement in the corporate environment and unobtrusive as well.”
“Windows 10 really has to address all of the shortcomings, perceived or otherwise, in Windows 8, otherwise corporate customers may be more interested in seeing these technologies get back-ported to Windows 7 then in upgrading to Windows 10,” he added.
With big announcements from both Microsoft and Google in the fields of two-factor authentication in the last few days, there is hope that single password solutions may be seen by the wider internet community as inadequate. “Google has started to roll out two-factor authentication in their browser as well using some of the same technology, so that is a good sign that both large companies see this approach as secure, which is something that concerns a lot of corporations,” Goretsky commented.
snig / Shutterstock.com
Author Alan Martin, ESET