Microsoft tests use of iPhone authenticator app as password replacement in Windows 10 S mo...

Posted:
in General Discussion
Microsoft is allowing users to sign into their computers using an authenticator app instead of a password, as part of testing of Windows 10 S that effectively eliminates the stripped-down version of the operating system in favor of a new mode for all Windows 10 variants.




The latest Windows 10 Insider Preview build adds an option for those running Windows 10 S to use the Microsoft Authenticator app on an iPhone or other smartphone to confirm their identity, in place of the usual password-based authentication. Downloaded to an iPhone, the app is usually employed in two-factor authentication, but in this instance, the app becomes the only authentication factor.

Microsoft claims testers will be able to go through the "out-of-box experience," including setting up Windows Hello and installing various apps and services, without entering a password into the PC at all.

Despite the lack of a password, the Windows 10 S installation still offers security, including Windows Hello facial recognition, fingerprint reading, and a security PIN. These alternative security options are already offered to users, depending on the available hardware, though the process to set these up did previously require a password.

The Windows 10 S Mode feature test is part of Microsoft's plan to remove it as a Windows variant entirely, reports Thurrott.com. Windows 10 S isn't disappearing completely, as it will apparently be included as its own mode for all versions of Windows 10 at some point in the future.

Initially introduced alongside the Surface Laptop last year, Windows 10 S is a stripped-down version of Windows that will only run Windows Store titles, in theory reducing the possibility of security risks and simplifying device management in schools and enterprise. Users are able to upgrade from the S release to full versions, removing the restrictions and giving users free reign to run software from alternative sources.

While Windows 10 S has been viewed as a less successful version of Windows, it is reported that 60 percent of its users on third-party devices stick with it instead of switching to an unrestricted Windows version. Microsoft claims that approximately 60 percent of those who switch do so within 24 hours of owning the device, while 83 percent of those who don't switch within the first seven days of ownership will continue running the device in S mode.

The Windows 10 Insider Preview includes a number of other features destined for public release in the coming months. The Game Bar has been updated to make it easier to use, including toggles for the microphone and camera and new themes, while a new calibration tool has been included for altering how HDR video appears on the device.

New graphic settings for multi-GPU systems, eye control improvements, updates to Windows Security, F11 full screen support for Microsoft Edge, a streamlined Bluetooth pairing process, text input changes, and the ability to wipe diagnostic data from a device are also included in the preview release, among other changes.

Comments

  • Reply 1 of 6
    rob53rob53 Posts: 3,241member
    Is there an admin logon and password for Windows 10 S?

    This article seems to imply that enough services are operational after startup without any kind of logon to allow either a bluetooth, internet (ethernet or WiFi), or (maybe) NFC connection between the PC and an iPhone app. The streamlined Bluetooth pairing process worries me because if this is how it connects, it needs to have very robust security.

    How is the initial configuration made on the PC without being able to create an account with any kind of authentication (password, PIN, etc.)? 

    What kind of traffic, both encrypted and unencrypted, happens between the Windows app, the iPhone, internet, and the PC? I use this capability all the time when accessing web sites as well as Apple's two-factor authentication but I don't see it passing any government security requirements since it's only a single factor authentication. Where is the PIN created and how is it passed to and from the iPhone and PC? How many systems are involved that could be monitored and hacked?

    We're talking about Microsoft, a company that is totally in bed with the FBI and other government agencies. Will the FBI/NSA force Microsoft to include some kind of back door into their iPhone app that allows access to other iOS apps?
    GeorgeBMacfotoformat
  • Reply 2 of 6
    GeorgeBMacGeorgeBMac Posts: 11,421member
    rob53 said:
    Is there an admin logon and password for Windows 10 S?

    This article seems to imply that enough services are operational after startup without any kind of logon to allow either a bluetooth, internet (ethernet or WiFi), or (maybe) NFC connection between the PC and an iPhone app. The streamlined Bluetooth pairing process worries me because if this is how it connects, it needs to have very robust security.

    How is the initial configuration made on the PC without being able to create an account with any kind of authentication (password, PIN, etc.)? 

    What kind of traffic, both encrypted and unencrypted, happens between the Windows app, the iPhone, internet, and the PC? I use this capability all the time when accessing web sites as well as Apple's two-factor authentication but I don't see it passing any government security requirements since it's only a single factor authentication. Where is the PIN created and how is it passed to and from the iPhone and PC? How many systems are involved that could be monitored and hacked?

    We're talking about Microsoft, a company that is totally in bed with the FBI and other government agencies. Will the FBI/NSA force Microsoft to include some kind of back door into their iPhone app that allows access to other iOS apps?
    Good points and well stated!
    While I would trust Apple to do the due diligence and back-end security work behind with this vague "It just connects and verifies" kind of description, there is NO WAY I would trust Microsoft...

    It's the difference between a company that creates a great product and then markets it versus one that targets a market and then attempts to create a product that fills it.
    rob53
  • Reply 3 of 6
    Stuck in 2010.
    Bluetooth pairing mode. Is this the year 2000 ?

    edited February 2018 watto_cobra
  • Reply 4 of 6
    I agree about Bluetooth.  There’s a reason I have it disabled.

    I’d still want 2FA.  Like a YubiKey + Described method

    https://www.amazon.com/Yubico-YUBIKEY4-YubiKey-4/dp/B018Y1Q71M/ref=sr_1_4?ie=UTF8&qid=1518202726&sr=8-4&keywords=2FA
  • Reply 5 of 6
    I tried a beta of Authenticator last year and never got it to work. When I called Microsoft for help, I never got anyone in their so-called Customer Service who even understood what Authenticator was. Undoubtedly not ready for Prime Time.
    watto_cobra
  • Reply 6 of 6
    Yes. And that will be over for business as nobody will accept iPhone authentication on office floor. Good luck with that. Windows 10 is already troubled in office adoption in corporations. This will not help. It is dumb idea and companies have their RSA/token solutions on second device already in place. Nobody is looking for fingerprints because peeple get them damaged - token entry is the only reliable way.
Sign In or Register to comment.