It’s easier and more secure to sign in to your Microsoft Account. Microsoft has announced support for standards-based FIDO2 security key devices to enable users to sign into their Microsoft Account without having to punch in a username or password. It’s enabling support for the security key or Windows Hello through the Edge browser. Microsoft is also the first company to support password-less authentication through the FIDO2 WebAuthn and CTAP2 standards.
Starting today, those who are on the Windows 10 October 2018 update will be able to configure a Windows Hello or physical security key from Yubico or FEITIAN that support the FIDO2 standard. Users with a device that has a Windows Hello webcam or fingerprint reader can just visit Microsoft Account settings with Edge and link a Windows 10 machine to their account. This will eliminate the password requirement at entry.
It does that by placing a private key on the trusted platform module in the Windows 10 device. It’s used alongside the physical key or biometric Windows Hello authentication for verification against the public key that’s stored on Microsoft’s servers. It’s this combination that offers more security against malware and phishing scams since users will be more accustomed to logging in without a username or password.
This password-less experience is currently available on Microsoft Edge but it will be available through other browsers as well once they start supporting the WebAuthn and FIDO2 standards.