With a quick glance at your Windows 10 laptop, you’ll be able to unlock it — without entering a password.
Microsoft introduced the latest new feature for Windows 10, called Windows Hello. The security tool will let you access your PC through facial recognition, an iris scan or a read of your fingerprint.
But before you get ready for your closeup, you’ll need get some special equipment — most PCs don’t come with biometric scanners installed (though some do). Windows Hello is primarily targeted at businesses and government agencies.
Microsoft opted not to rely on your webcam for facial recognition because the photos it captures are not terribly secure, and they’re easy to spoof. Instead, Microsoft got infrared cameras to do facial recognition for Windows Hello.
Facial recognition is possible on a low-grade camera. Google allows its Android phones to be unlocked with facial recognition, but the company warns that someone with a photo of you — or even someone who looks like you — will be able to unlock your phone too.
With the proper tools, faces, irises and fingerprints are possible to spoof, but it’s not easy — someone’s got to really want to break in to your PC to go through the trouble.
Microsoft opted for more robust security in Windows 10, because it wants to meet strict standards that companies and government agencies impose for secure logins. Microsoft said Windows Hello has a 1 in 100,000 false accept rate, which is very high. It’s a lot safer than a password, which, as we know, can easily be forgotten, lost, stolen or hacked.
Though it’s not necessarily aimed at the average PC buyer, consumers will be able to use the Windows Hello feature too.
Microsoft promised “plenty of exciting new Windows 10 devices to choose from which will support Windows Hello.” And if your PC already has a fingerprint reader, you’ll be able to login with a fingerprint scan.
Passport: Windows 10 will also support another new security feature, codenamed “Passport,” which lets you login to participating websites, apps or networks without a password. Microsoft said the list of sites and apps that support Passport is growing, but it didn’t say how many participate.
Microsoft is trying to position Passport as the end of passwords. Since you never enter a password to enter a website, “there is no shared password stored on their servers for a hacker to potentially compromise,” says Microsoft boldly in its press release.
But that’s not quite true. Passwords will still exist. Even if you can login to your email via Passport from your work PC, you’ll still need a password to login from your iPad. So passwords aren’t going away anytime soon — and they’ll still be stored on email providers’ servers, which means hackers could potentially still grab them in a cyberattack.
The primary way that Passport ensures that you’re you is through Windows Hello. Oddly, however, you can also enter a PIN into Passport, which is significantly less secure than a password.
Still, it’s about time that something replaces passwords, and Hello and Passport are good starts.