Uncategorized

Forget about passwords: passwords are making their debut in Windows 11 and I want more

Las contraseñas son una molestia. Son difíciles de recordar, fáciles de olvidar y, a menudo, inseguros. Por eso estoy entusiasmado con la nueva característica que Microsoft está introduciendo en Windows 11: claves de acceso.

Windows 11
Windows 11

Access keys are a passwordless form of authentication that uses your device and biometric data to log into your online accounts. Instead of typing a password, you just need to scan your face, fingerprint or PIN on your device and you’re done. No more password managers, no more phishing, no more password resets.

Access keys are based on the FIDO2 standard, which is supported by many websites and services, such as Microsoft, Google, Dropbox, Facebook and Twitter. You can use access keys to sign in to any website that supports FIDO2 or use the Microsoft Authenticator application to sign in to other websites that do not support it.

Access keys are not only more convenient, but also more secure than passwords. They use public key cryptography to create a unique key pair for each account and device. The private key is stored securely on your device and the public key is registered on the website. When you log in, your device proves you have the private key without revealing it and the website verifies that it matches the public key. This way, even if a hacker steals your public key or intercepts your login request, they will not be able to access your account without your device and biometrics.

Access keys are also more privacy-friendly than passwords. They do not require you to share any personal information with the website, such as your email address or phone number. You can create as many passwords as you want for different accounts and devices, and delete them at any time. You are in control of your online identity.

I think passkeys are a great innovation that will make our online life easier and more secure. I hope more websites and services will adopt the FIDO2 standard and support Passkeys in the future. I also hope that Microsoft will expand Passkeys to other platforms and devices, such as phones, tablets, and handheld devices running Android and iOS. Imagine being able to log into any website or app with just a tap of your wrist or a glance at your phone. That’s the future I want.

Windows passwords are the future of Windows 11 authentication. I’ve been testing them and I’m impressed. Very impressed.

Windows 11
Windows 11

You may remember that Windows 10 introduced Windows Hello, a biometric way to log in to your PC. With Windows Hello, you can simply look at your laptop’s camera and avoid the need to enter a Windows password. It’s easy, convenient and secure.

Access keys are the next step and are being rolled out in the Windows 11 22H2 upgrade, which is available now. (They will also be part of the Windows 11 22H3 or Windows 11 2023 upgrade, coming in the last quarter of the year.) Passcodes allow you to use your PC’s biometric recognition to log in to websites. Basically, you’re using Windows Hello for the web.

Right now, there are only a few sites that support passwords: Best Buy, WhatsApp, GitHub and 1Password. And the problem is that you have to create a password for each site.

I use two passwords to access my PC: one for my Microsoft account and one for Google. These access keys are more secure and convenient than passwords, as they are unique for each device and do not need to be typed in. Here’s how I set them up.

For my Microsoft account, I went to the Microsoft account site and followed the instructions to create a passcode for Windows. Alternatively, Windows Hello can automatically generate a passcode when I sign in with my face or fingerprint. I have three devices running the Windows 11 22H2 update and only had to create a passcode manually on one of them.

For my Google account, I visited the Google passcode site, logged in and chose to create a passcode. Google gave me the option to use linked phones as passcodes, but I chose to create a passcode on “this device”, which is my PC. That forced me to click on that option and enter my Google password. (By the way, Chrome also supports passcodes). Microsoft has some general guidelines on how to create Windows passwords here, but they may differ by site.

I can manage my passwords in the Windows Settings menu (Accounts > Passwords), where I can also delete them if I wish. In case I have problems with my password, such as changing my appearance or having a dirty fingerprint sensor, I can still use a PIN as a backup option.