Microsoft provides a closer look at Windows Hello integration for Microsoft Edge

Reading time icon 2 min. read


Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

chrome_2016-04-12_19-37-36

Microsoft introduced Windows 10 Anniversary Update at Build 2016 recently. With the upcoming update for Windows 10, Microsoft is expected to introduce improvements for the Start Menu, Action Center, as well as the Universal Windows Platform. Alongside these exciting new features and improvements, Windows 10 Anniversary Update is also expected to introduce Windows Hello integration in Microsoft Edge. Web sites that support Windows Hello will allow users to login with their face or fingerprint using Windows Hello right in Microsoft Edge, which is definitely a very nice feature.

Today, Microsoft provided a closer look at the Hello integration for Edge, stating:

We look forward to a web where the user doesn’t need to remember a password, and the server doesn’t need to store a password in order to authenticate that user. Windows Hello, combined with Web Authentication, enables this vision with biometrics and asymmetric cryptography. In order to authenticate a user, the server sends down a plain text challenge to the browser. Once Microsoft Edge is able to verify the user through Windows Hello, the system will sign the challenge with a private key previously provisioned for this user and send the signature back to the server. If the server can validate the signature using the public key it has for that user and verify the challenge is correct, it can authenticate the user securely.

These keys are not only stronger credentials – they also can’t be guessed and can’t be re-used across origins. The public key is meaningless on its own and the private key is never shared. Not only is using Windows Hello a delightful user experience, it’s also more secure by preventing password guessing, phishing, and keylogging, and it’s resilient to server database attacks.

In the same blog post, Microsoft shared how developers can implement Windows Hello in Edge as well. If you are a web developer, you can know more about it here. Nonetheless, tell us what you think of the upcoming Windows Hello integration in Edge in the comment section below.

User forum

1 messages