Saying adiós to Multifactor authentication and hola to Windows Hello
Logging into most systems requires two things – a username, and a password. If you know those 2 credentials, then you most likely have what is needed to gain access into the system.
One issue with using only a username and password is that once you or someone that you do not know has knowledge of your credentials, they can access the system, whatever it may be.
This is where multi-factor authentication comes in!
What is Multifactor Authentication (MFA)?
Multifactor Authentication (MFA) combines two or more independent credentials:
What the user knows (password)
What the user has (security token)
Who the user is (biometric verification)
The goal of MFA is to create a layered defense in order to make it more difficult for an unauthorized person to access a target. For example, a physical location, computing device, network or database.
If one factor is compromised or broken, the attacker still has at least one more barrier to breach before successfully breaking into the target.
For example, to access your personal transactions and statements on your online bank account, after logging in with your username and password, a One-Time Password (OTP) will be requested and sent from the website’s authentication server to the requester’s registered mobile device.
So with MFA, all your systems are now safe and secure from hackers right?
Well, here’s the other issue:
I forgot my username and password
You have one username and password for your email, another for SingPass, another for Facebook, another for your bank account, another for… the list goes on.
In this case, MFA doesn’t matter at all because in order to reach the multi-factor authentication layer, you first have to get through the base layer – knowing your username and password!
And with countless accounts, how can we remember so many combinations of usernames and passwords? I mean unless our brains are wired like a robot, or we have photographic memory, I doubt we can remember it all without writing it down somewhere!
So let’s just face it:
Nobody likes passwords!
They are inconvenient, insecure, and a hassle to remember. Not to mention, expensive too! In fact, people dislike them so much that Microsoft has been busy at work trying to create a world without them – a world without passwords.
In addition, cyber attacks are getting more and more common to businesses nowadays. For example, in June 2018, Singapore suffered its worst-ever cyber attack where hackers broke into SingHealth’s IT systems to steal the data of 1.5 million patients and records of the outpatient medication given to Prime Minister Lee Hsien Loong. Can you imagine if this happened to your company’s data?
So the question now is:
How can we create this world without passwords?
Let me introduce you to Windows Hello
No matter how unwise this may be, it is very common for people to use the same password (or variations) across multiple sites and applications, in order to remember fewer combinations! However, this can be proven dangerous and unsafe for your data!
Windows Hello and other biometric authentication features, like Apple’s Face ID or Touch ID, are designed to offer an alternative to passwords that is unique and more secure because it relies on technology that’s harder to break. The sign-in mechanism is widely considered to be more user friendly and reliable to access critical devices, services and data than traditional logins using passwords.
Gone are the days that you have to remember countless different usernames and passwords!
“Windows Hello solves a few problems: security and inconvenience,” said Patrick Moorhead, president and principal analyst at Moor Insights & Strategy.
“Traditional passwords are unsafe as they are hard to remember, and therefore people either choose easy-to-guess passwords or write down their passwords.”
How does Windows Hello work?
Windows Hello is a biometrics-based technology that enables Windows 10 users to authenticate secure access to their devices, apps, online services and networks with just a fingerprint, iris scan or facial recognition.
“Windows Hello uses 3D structured light to create a model of someone’s face and then uses anti-spoofing techniques to limit the success of people creating a fake head or mask to spoof the system,” Moorhead said.
Now, Windows Hello is being used by over 47 million users worldwide. More than 5,000 businesses have deployed Windows Hello for Business, with adoption on over one million commercial devices.
Can everyone set up Windows Hello?
However, only people with Windows 10 is able to set up this feature.
You will only need one of the three authentication methods: facial recognition, fingerprint, or retina. But before choosing an authentication type, click here to find out whether or not your computer supports Windows Hello!
Is it right for my business?
Most businesses, especially those that still rely on cumbersome and cyberattack-prone passwords, would probably benefit from implementing Windows Hello for Business. It is a relatively cost-effective and easy way to increase your security. It will require some set-up and perhaps some initial investments in hardware for biometric scans, but the long-run gains in security will likely outweigh these set up costs.