In addition to expanding support for a common passwordless standard, Microsoft announced several new passwordless options to help reduce the attack surface and keep accounts secure, including passwordless support for Windows 365, Azure Virtual Desktop, Virtual Desktop Infrastructure and other innovations.
According to Microsoft, the passwordless support for Windows 365, Azure Virtual Desktop, and Virtual Desktop Infrastructure is currently in preview for Windows 11 Insiders, and is also on the way for Windows 10.
The company’s announcement comes the same week as World Password Day and as IT administrators everywhere continue to deal with an onslaught of cyberattacks that largely target credentials. The idea behind the passwordless movement is to eliminate passwords as an attack surface and help keep accounts secure.
The Redmond, Wash.-based IT giant also announced Windows Hello for Business Cloud Trust, which the company says simplifies the deployment experience of Windows Hello for hybrid environments. The deployment model removes previous requirements for public key infrastructure and syncing public keys between Azure AD and on-premises domain controllers.
Cloud Trust is currently available in preview for Windows 10 and 11 21H21.
“This improvement eliminates delays between users provisioning Windows Hello for Business and being able to authenticate and makes it easier than ever to use Windows Hello for Business for accessing on-premises resources and applications,” Microsoft says.
Microsoft says it also expanded passwordless support in Microsoft Authenticator for Azure AD work or school accounts to multiple passwords. iOS users will begin seeing the capability later this month, with Android support to follow.
Temporary Access Pass in Azure AD has been in public preview since last year and the full feature is planned for release this summer, but Microsoft is making it available to users to distribute Temporary Access Passes instead of passwords for setting up new Windows devices. The update will be available next month.
“You’ll be able to use a Temporary Access Pass to sign in for the first time, to configure Windows Hello, and to join a device to Azure AD,” the company says in a blog.
Microsoft, along with Google and Apple, also announced plans to extend support for a passwordless standard created by the Fido Alliance and the World Wide Web Consortium to enable websites and apps to offer consistent, secure and easy passwordless sign-ins to consumers across devices and platforms.
While the standard targets consumers, Microsoft suggested that Fido-based credentials in both consumer and business scenarios will find support in future Microsoft apps and services.
Alex Simmons, corporate vice president of identity program management at Microsoft, said in a statement that the complete shift to a passwordless world will begin with consumers.
“Any viable solution must be safer, easier, and faster than the passwords and legacy multi-factor authentication methods used today,” Simmons said. “By working together as a community across platforms, we can at last achieve this vision and make significant progress toward eliminating passwords. We see a bright future for FIDO-based credentials in both consumer and enterprise scenarios and will continue to build support across Microsoft apps and services.”
Leave a Reply