Microsoft is now enabling authentication using FIDO2, thus moving towards killing passwords.
This update will affect users of Outlook, Skype, Office, OneDrive, Xbox Live and others. It will help them to sign in more seamlessly.
Writing in a blog post confirming the move, Alex Simons, corporate vice president of program management in Microsoft’s identity division, said the company was ‘on a mission to eliminate passwords and help people protect their data and accounts from threats.’
This has certainly been true when looking at previous Microsoft missives; writing in September, Rob Lefferts, corporate vice president for security, feted ‘the end of the password era.’ At the time, new support for password-less sign-in through Microsoft Authenticator – essentially removing the password and replacing it with multi-factor authentication of users’ choice, be they fingerprint, face or PIN – was the new kid on the block. “No company lets enterprises eliminate more passwords than Microsoft,” Lefferts wrote at the time. “Today, we are declaring an end to the era of passwords.”
FIDO2 works through public and private key encryption, with the private key being stored on the device and the public key, in this instance, sent to Microsoft’s cloud. Security keys are through partners, such as Yubico and Feitian Technologies.
Enterprise customers will be able to preview the feature early next year, while future plans include moves beyond the browser to work and school accounts in Azure Active Directory.