Windows 10 will provide two -factory authentication support Microsoft presents bone safety improvements

Microsoft recently published its first update for Windows 10 Technical Preview.This update provides 7,000 modifications and improvements, a significant number of which would not be visible for users.Among these improvements under the hood, we can note new features to provide better safety to users.Through a ticket on the Windows blog, Microsoft has returned in detail to Windows 10 developments concerning the safety appearance.Among these new features, we find in pole position the management of two factors authentication.Traditional mono-factor authentication based solely on torque username/password is no longer sufficient these days to shelter users safe from pirate attacks.Microsoft cites some examples of user data flights, including the collection of 1.2 billion user names and passwords by Russian pirates.Thus, with Windows 10, the firm intends to strengthen the protection of identity and access control, information protection and threat resistance.The operating system is therefore enriched with a new service called "Next Generation Credentials".The functionality which is not yet activated in the preversion of Windows 10 will allow a user to exploit its device in authentication mechanisms with two factors.Concretely, once the terminal of a user registered as a confidence device, it becomes one of the two factors that are necessary for authentication.The second factor will be a PIN code or biometric information, such as a fingerprint.With "Next Generation Credentials", a hacker to compromise an account must have these two elements.However, the standard on which the service is based makes it possible to protect the user from a flight from its PIN code."We believe that this solution leads to the protection of identity to a higher level, because today, multi-factor security is required that implemented on smartcards, which is found in the operating system,eliminating the use of additional security devices, ”says Microsoft.Microsoft also explains that users will be able to transform one of their devices (such as a mobile phone) into an identification information provider.The smartphone can thus centralize identifications and deploy them on other devices via WiFi or Bluetooth to manage access to these devices, network or web services.The "Credential" may be a pair of keys generated by Windows, or a certificate provided by an existing PKI service.The tokens generated for authentication will be protected from Pass the Hash or Pass the Ticket type attacks, even if the core of the windows is compromised, after Microsoft.This was made possible thanks to the storage of tokens in a secure container operating on Hyper-V.The new "Credential" system will be supported by Active Directory and Azure Active Directory.Microsoft also claims that its operating system will offer companies, automatic encryption of business applications, data, emails, websites and other sensitive information.Source : Blog Windows