What is Microsoft’s Hardware Authentication Key?

Microsoft has revealed a new technology that will allow 800 million users to log on to their accounts, including Outlook, Office 365, OneDrive, Skype and Xbox Live, without inputting a password.

Instead, users can plug a physical hardware key into the USB ports on home laptops and tablets, or connect it by Bluetooth to a mobile phone. The key is used in conjunction with other ID verification methods, such as facial recognition technology or fingerprint ID, PIN codes or a phone running the Microsoft Authenticator application, to enhance security while negating the need for a password. The system is based on technology standards known as FIDO2. For more information, Microsoft goes into more detail here.

Branded as an important step away from the outdated password ID verification method, these hardware security keys are a variation of dual-factor or multifactor authentication. This means that in order to access an account, the user will need to be able to share more than just their username and password. Typically, this involves sharing something you know (your password), something you are (your biometric features) and something you have (token) to prevent unauthorized access.

Hardware keys are also an improvement on SMS codes and authenticator apps. Text messages in principle, could be susceptible to fraud and a data breach, as they can be intercepted and stolen before they get to the recipient.

This type of token-based sign-in process is steadily spreading. In addition to Microsoft, companies that currently support it in various capacities include Google, Dropbox, Twitter, Facebook, Github, LastPass, 1Password and Dashlane.

Do you have a question you’d like answered? Please leave a comment below.