Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Microsoft Brings Web Authentication to Its Edge Browser

    By
    TODD R. WEISS
    -
    July 31, 2018
    Share
    Facebook
    Twitter
    Linkedin
      Microsoft Edge

      Microsoft’s Edge web browser now includes support for user authentication using facial recognition, fingerprints, PIN numbers or authenticated mobile devices as a replacement for outdated and less secure password-based log-ins.

      Starting with Microsoft Edge build 17723, the browser now supports the new password-less web authentication specifications from W3C, according to a July 30 post on the Microsoft Windows Blogs. By improving user authentication processes, enterprises will be able to provide more secure user experiences and transactions through websites, vastly improving security across the internet, according to Microsoft.

      The integration of the password-less specifications in the latest Edge browser has been a goal of the browser since 2016, when Microsoft shipped its first preview implementation of the web authentication API in Edge, wrote Angelo Liao, the program manager for Microsoft Edge, and Ibrahim Damlaj, the program manager for Windows Security, in the post.

      “With web authentication, Microsoft Edge users can sign in with their face, fingerprint, PIN, or portable FIDO2 devices, leveraging strong public-key credentials instead of passwords,” wrote Liao and Damlaj. In the past, websites have trusted passwords to process credit card numbers and save addresses and personal information including sensitive records such as medical information.

      “All this data is protected by an ancient security model—the password,” they wrote. “But passwords are difficult to remember, and are fundamentally insecure—often re-used, and vulnerable to phishing and cracking.”

      That’s why Microsoft has been working to move away from passwords in the Edge browser and replace them with biometric and other forms of authentication, Liao and Damlaj wrote. The company has been working with the FIDO Alliance and others to develop the new standards for improved security online. In March, the FIDO Alliance announced that the Web Authentication APIs had reached Candidate Recommendation (CR) status in the W3C, readying them for use.

      The latest build 17723 of Edge now supports that CR version of the web authentication specifications.

      “Our implementation provides the most complete support for web authentication to date, with support for a wider variety of authenticators than other browsers,” wrote Liao and Damlaj. “With Windows Hello face recognition, users can log in to sites that support web authentication in seconds, with just a glance.”

      Windows Hello users can also be authenticated without a password on any Windows 10 device using fingerprint recognition or a PIN number to sign in to websites.

      The FIDO2 Project is working to create a FIDO Authentication standard for the web that works with FIDO-certified devices to help provide user authentications as well. Users will also be able to use external FIDO2 security keys to authenticate themselves with a removable device and their biometrics or PIN number.

      Websites that are not ready to move to a completely password-less model are expected to have backward compatibility with FIDO devices so a strong second authentication factor can be used in addition to a password.

      The introduction of these password-less authentication systems and processes is continuing with a myriad of industry partners, the post continued. “Password-less authentication experiences like this are the foundation of a world without passwords.”

      Developers who want to dive more deeply into web authentication in Microsoft Edge can peruse Microsoft’s Web Authentication dev guide, or install Windows Insider Preview build 17723 or higher to try it for themselves.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×