Microsoft Adds Two-Factor Authentication to Windows 10 in Security Overhaul
You might've heard about the popular security measure that many websites have begun using called two-factor authentication. If not, see our quick guide on two-factor authentication.
In basic terms, the precaution ensures that the person logging in has access to not only the account password, but also a physical item that the account owner possesses. This ensures that compromised passwords will not result in compromised accounts by themselves - instead, the hacker would also need to have access to your smartphone, fingerprint, or other personal item in addition to your password or PIN in order to gain access to your account.
Now that you're familiar with what two-factor authentication is, let's move on to the breaking news:
Windows 10 Gets Native Two-Factor Authentication
In an extensive security-related post on the Windows Blog, Microsoft has announced that it has just added an interesting twist to two-factor authentication within Windows 10. Now the operating system will give you the option to enable device-based two-factor authentication, in which Windows will detect and recognize your nearby device (or fingerprint) to confirm that you are the account owner. With two-factor authentication enabled in Windows 10 you would therefore need to have your device in-hand and know your PIN or password (or you can use your fingerprint instead).
The new measure protects users from both local and remote attacks – if someone you know finds your password and tries to log into your computer while you're not around, they won't be able to unless they have your smartphone and PIN (or a custom mold of your fingerprint). Likewise, if a hacker on the other side of the world somehow steals your password, they'll be stuck in the same predicament without a device or fingerprint to confirm their identity..
How Secure is Two-Factor Authentication?
Although there's always the possibility that a resourceful hacker or close acquaintance could gain access to the information and equipment needed to bypass two-factor authentication, it is highly unlikely that this would ever happen in most typical scenarios. We've discussed the fact that the new biometric fingerprint sensors can be tricked by custom molds (which by the way can be constructed using nothing more than a picture of the person's fingerprint), so keep in mind that using a PIN number may actually be more secure at the moment.
Other Security Precautions Added in Windows 10
Fortunately, Microsoft isn't relying solely on two-factor authentication to secure Windows 10. Apparently the operating system will be storing user access tokens within secure containers that supposedly cannot be exposed, even if the Windows kernel code is tampered with. Furthermore, Windows 10 will store your work and home data in separate locations, so even if someone gains access to your home files they won't have access to your work files and vice versa. In addition, the latest version of Windows will offer greater control over virtual private networks (VPNs) and let business and organizations keep network users from installing any software that is not digitally signed.
Did you know that you can download and install Windows 10 Techincal Preview for free right now? We've posted guides on where to download it and how to install it within your current operating system (on a virtual machine) or alongside your operating system on a separate partition (for dual booting). To learn more, see our Windows 10 Technical Preview Quick Guide.