With hacking and cyber-crimes on an increase in today’s world, addressing these modern security threats are at the top of agenda for consumers and businesses. Just using a login password to login to your PC gets you surprisingly little security and can lead to serious issues such as your confidential data and online accounts being hacked. With a vision to overcome these modern security threats, Microsoft unleashed Windows Hello, an innovative feature of Microsoft Windows 10, which aims to kill passwords and suggests that even the children of today will grow up in a world without passwords—where they can log in just by looking at a device or touching it.
Windows Hello: sign-in with your smile or touch!
Windows Hello makes signing-in to Windows 10 devices much more personal and secure – with just a look or a touch. With a fingerprint reader or infrared webcam set up in your Windows Hello device, you don’t need to worry about remembering a password again! You can login using biometric authentication – using your face, iris, or fingerprint, as well as use your PIN as a backup. After its launch, this amazing feature has also been extended to log in to Hello-supported websites and apps, and for imparting additional security before an In-App purchase. Plus, Hello technology also lets you use your digital wristband, smart watch, phone and other companion devices to unlock your Windows PC quickly without using a password, giving you another choice of secured sign-in.
Biometric system is more secure than passwords
Most people use simple passwords which are easy-to-remember and reuse them across multiple websites, making them susceptible to hacking. Hackers use techniques like phishing e-mails to get access to user’s log-in credentials and access their online accounts. This can lead to serious issues like compromised online banking transactions. When the same password is used across other accounts, a hacker may be able to gain access to those as well. These stolen usernames and passwords can give them access to point of sale (PoS) systems and the credit card data being processed with them.
According to a report by New York Times, around 1.2 billion usernames and passwords were stolen by a single cyber-crime organization while there are only about 1.8 billion people online worldwide. Hackers could target Fortune 500 companies to very small websites.
Windows Hello offers enterprise-grade security
According to Microsoft, Windows Hello can get you all of that enterprise-grade security that an IT organization would get with smart-cards. The firm says that the false acceptance rate (FAR) is just 1 in 100,000 attempts.
Windows Hello security feature adheres to FIDO Alliance standards, allowing Windows users to forget password logins in favor of a stronger and more convenient biometric security standard.
On the security front, a Windows Hello biometric system offers enhanced security over conventional passwords. As noted by the Executive Director of FIDO alliance, Brett McDowell, “this security benefit comes from asymmetric cryptography. Windows Hello secures your biometric signature locally on the device and not shares it in the cloud. The biometric authentication is handled entirely on the PC. So, a user’s credentials will not be hacked even if a service they use is ever breached.”
Biometric sign-in options for Windows Hello devices
Windows Hello supports biometric authentication based on facial or fingerprint recognition, as well as a simple PIN to authenticate a user. To use fingerprint recognition, your laptop needs a fingerprint reader. For facial or iris detection, Windows Hello uses special depth-sensing camera such as a Intel Real sense technology camera to ensure it’s really you and not a picture or another person that looks like you. Devices from many hardware manufacturers come equipped with built-in Hello-compatible cameras. You can also buy some external Windows-hello compatible webcams or fingerprint readers, to get the facial or fingerprint unlock capabilities in PCs and laptops that don’t have this hardware built-in. For more information of Windows Hello biometric requirements, click here.
There are a variety of fingerprint readers for use with Windows Hello. These can be either external or integrated into laptops or USB keyboards. Hello supports capacitive fingerprint sensors which scan your fingerprint with a simple swipe or touch to enable you to login conveniently and securely to your Windows 10 PC. Modern fingerprint sensors have become faster and more accurate in their readings.
Windows Hello uses specialized IR cameras which create 3D model of the user’s face to differentiate between the genuine user and a high-resolution photograph or scan. Leveraging IR technology, these cameras can also work in all types of lighting situations, even in complete darkness! Many new machines, like the Surface Pro 4 tablet and the Surface Book laptop have built-in facial-recognition camera which is compatible with Windows Hello.
Intel offers the Intel RealSense F200, the first webcam to support Windows Hello. The F200 is available as a developer kit and now, Intel has updated it with a new smaller, improved model, called the SR300, which takes less than a second to log you in to Windows. Other notable Windows Hello compatible webcams are Razer Stargazer which incorporates Intel RealSense hardware and the Tobii eye tracking gaming peripheral.
You must set up a PIN before you start using biometrics in Windows Hello. Once you set up a PIN, you can add biometric gestures if you want. You may prefer using biometrics but you always have a fallback option of unlocking your device with a PIN in case you can’t use your biometric because of injury or the sensor is unavailable or not working properly. Although it may seem that a PIN is similar to using a password for authentication, using PIN is more secure and offers many more benefits over traditional passwords.
The list of laptops compatible with Windows Hello is continuing to grow. Some examples of laptops already supporting Windows Hello include Microsoft Surface Book, Microsoft Surface Pro 4, Lenovo ThinkPad X1 Yoga, and many more. To view the complete list, click here.
How to set up Windows Hello with fingerprint or webcam
- The first step to set up Windows Hello biometric feature on a Windows 10 device is to set up the security PIN. To set up PIN, go to System Settings > Sign-In Options.
- After a PIN is set up, you can configure your machine to recognize you through Windows Hello facial or fingerprint recognition with the following steps:-
- Go to Settings > Accounts > Sign-in options > Windows Hello. If you do have Windows Hello compatible hardware, you can see a “Fingerprint” or “Face” appearing. Click the “Add” button to add a fingerprint or the “Set Up” button to set up facial recognition.
If you do not have Windows Hello compatible hardware, you’ll see a “Windows Hello isn’t available on this device” message.
You can browse the steps to set up fingerprint or facial recognition on a Surface Book or Surface Pro 4 here.
Windows Hello lets you use companion devices to sign-in
As many older Windows 10 PCs don’t have fingerprint readers or infrared cameras which are needed for biometric authentication, Microsoft announced the companion device framework for Hello to promote the development of devices and accessories that can connect to PCs and act as secondary authentication devices.
According to a blog post, this feature has also come to almost 100 biometric-enabled devices and accessories, including laptops, all-in-ones, 2-in-1s, tablets, phones and peripherals. Partners offering these companion devices include Nymi, Yubico, RSA and HID, among others.
Take a look at some of the innovative accessories which act as Windows Hello companion devices for both consumer and business use cases. These devices have to be registered with a Windows 10 PC and can authenticate users through USB, Bluetooth, or NFC connections.
The Nymi Band
It is a smart wearable which the user wears on his wrist and taps it with a finger to login to a Windows Hello machine. The device authenticates the user by reading his heartbeat, thereby ensuring that its not someone else wearing the band.
It is a key-chain USB device which can be plugged into a USB slot to authenticate and log a user into a Windows hello machine.
RSA SecurID authenticator tools
With this service installed on a smartphone, a user can use the smartphone to authenticate and log in to their Windows Hello device. If the user is nearby a PC, the smartphone application will automatically unlock the PC. The app can also require a user to provide a PIN or biometric to login depending upon factors such as the distance between the smartphone and the PC RSA uses gesture detection on the Apple iPhone to log a user into Windows 10.
HID Global Seos card
It is like a regular employee badge that uses NFC and can be used to gain access to buildings and offices. Employees can also use it to unlock a PC.
As cyber security problems continue to exist with technological advancements and are ever-increasing with more and more devices getting connected to the internet, organizations want to put necessary security measures in place. Biometric technology plays a big role in solving such security issues. We can notice that biometric authentication is rapidly growing in the realm of mobile phones, smart bands, and other devices. However, it’s less popular on the desktop today due to hardware demands and may require users to purchase scanners separately. Still, we see Windows Hello to appear in many new PCs, tablets, phones, and wearable devices since its launch. Like many technologies, the tech has rough edges but the future seems bright as companies and consumers alike seek to move beyond the password they’ve been typing to decades.