Latest Microsoft Windows 10 Preview update brings new Windows Hello features
Windows Hello was introduced as one of the most interesting innovations in security across all Windows 10 devices, as Microsoft pursues its goal of killing passwords in favor of biometric authentication and other forms of secure access.
Most recently, Microsoft has issued Windows Insiders, two updates to its current Preview Build 10565. The first one, while bringing some interesting enhancements to the build, also caused some problems on devices using Secure Boot. By the same token, we did expect a new update to follow, with features more likely related to security improvements, and Bitlocker encryption features, including Secure Boot.
As expected, the latest update to the current build seems to provide easier support for PIN authentication, on devices that do not have fingerprint readers, nor Intel RealSense 3D cameras to enable face recognition.
Much like for all current forms of biometric authentication designed to work with Windows Hello, setting us a PIN creates the information necessary for authentication, only on the host computer. This means that there is no way to unlock and gather access to a Windows 10 PC, remotely, using Windows Hello.
This type of security is even stronger when paired with two-step authentication, which works either through SMS, or through the Microsoft account app, available on iOS, Android and Windows 10 mobile devices, and generates one-time codes necessary to authorize the sign-in into Microsoft services, and access to apps, settings and even devices.
Why does this matter
With Microsoft Windows 10, comes Bitlocker support, and it works in two different ways, depending on the version of Windows that’s running on the host PC.
On windows 10 Pro and Enterprise, Bitlocker works at a very granular level, allowing the user to encrypt single files and folders within the system.
When using Windows 10 Home edition, while Bitlocker settings won’t be as granular, it can be used to encrypt entire hard drives, whether they are local or external.
Once a PIN is set for the host device, unlocking said device will be impossible, without alternative ways to access a Microsoft account, which can only be done by way of two-step authentication, making it very difficult for anyone with ill intent, to gain access to the content of a PC, whether they try to connect to it remotely, or interacting with it directly, by stealing the actual device.
This means that in order to have a shot at gaining illegal entry into a locked Windows 10 laptop, criminals would have to physically steal the laptop, and any mobile devices set to authorize said laptop’s access. Since most iOS, Android and Windows 10 Mobile devices, feature secure login that is either PIN-based, password-based, or fingerprint-based, the chances to get past a Windows 10 login screen are extremely slim.
On Windows Surface devices, the latest update brings even more enhancements, as fingerprint support has been extended to the Surface Pro 4, and is also built into the Surface Book.