Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Microsoft Brings Web Authentication to Its Edge Browser

    By
    Todd R. Weiss
    -
    July 31, 2018
    Share
    Facebook
    Twitter
    Linkedin
      Microsoft Edge

      Microsoft’s Edge web browser now includes support for user authentication using facial recognition, fingerprints, PIN numbers or authenticated mobile devices as a replacement for outdated and less secure password-based log-ins.

      Starting with Microsoft Edge build 17723, the browser now supports the new password-less web authentication specifications from W3C, according to a July 30 post on the Microsoft Windows Blogs. By improving user authentication processes, enterprises will be able to provide more secure user experiences and transactions through websites, vastly improving security across the internet, according to Microsoft.

      The integration of the password-less specifications in the latest Edge browser has been a goal of the browser since 2016, when Microsoft shipped its first preview implementation of the web authentication API in Edge, wrote Angelo Liao, the program manager for Microsoft Edge, and Ibrahim Damlaj, the program manager for Windows Security, in the post.

      “With web authentication, Microsoft Edge users can sign in with their face, fingerprint, PIN, or portable FIDO2 devices, leveraging strong public-key credentials instead of passwords,” wrote Liao and Damlaj. In the past, websites have trusted passwords to process credit card numbers and save addresses and personal information including sensitive records such as medical information.

      “All this data is protected by an ancient security model—the password,” they wrote. “But passwords are difficult to remember, and are fundamentally insecure—often re-used, and vulnerable to phishing and cracking.”

      That’s why Microsoft has been working to move away from passwords in the Edge browser and replace them with biometric and other forms of authentication, Liao and Damlaj wrote. The company has been working with the FIDO Alliance and others to develop the new standards for improved security online. In March, the FIDO Alliance announced that the Web Authentication APIs had reached Candidate Recommendation (CR) status in the W3C, readying them for use.

      The latest build 17723 of Edge now supports that CR version of the web authentication specifications.

      “Our implementation provides the most complete support for web authentication to date, with support for a wider variety of authenticators than other browsers,” wrote Liao and Damlaj. “With Windows Hello face recognition, users can log in to sites that support web authentication in seconds, with just a glance.”

      Windows Hello users can also be authenticated without a password on any Windows 10 device using fingerprint recognition or a PIN number to sign in to websites.

      The FIDO2 Project is working to create a FIDO Authentication standard for the web that works with FIDO-certified devices to help provide user authentications as well. Users will also be able to use external FIDO2 security keys to authenticate themselves with a removable device and their biometrics or PIN number.

      Websites that are not ready to move to a completely password-less model are expected to have backward compatibility with FIDO devices so a strong second authentication factor can be used in addition to a password.

      The introduction of these password-less authentication systems and processes is continuing with a myriad of industry partners, the post continued. “Password-less authentication experiences like this are the foundation of a world without passwords.”

      Developers who want to dive more deeply into web authentication in Microsoft Edge can peruse Microsoft’s Web Authentication dev guide, or install Windows Insider Preview build 17723 or higher to try it for themselves.

      Todd R. Weiss
      As a technology journalist covering enterprise IT for more than 15 years, I joined eWEEK.com in September 2014 as the site's senior writer covering all things mobile. I write about smartphones, tablets, laptops, assorted mobile gadgets and services,mobile carriers and much more. I formerly was a staff writer for Computerworld.com from 2000 to 2008 and previously wrote for daily newspapers in eastern Pennsylvania. I'm an avid traveler, motorcyclist, technology lover, cook, reader, tinkerer and mechanic. I drove a yellow taxicab in college and collect toy taxis and taxi business cards from around the world.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×