Win10 to sport password-less biometric authentication

Microsoft will give users of Windows 10 the option to authenticate with biometric scanners rather than passwords to access a wide range of systems and apps.

Called Windows Hello, users will be able to scan their faces, irises or fingerprints to verify identity and access Windows phones, laptops and personal computers instead of using traditional passwords.

Joe Belfiore, who heads up Microsoft's operating systems group and who announced Windows Hello said users' biometric data would be stored locally on the device and not be sent to cloud servers.

Furthermore, the data will be anonymised to make sure it is safe from unauthorised access. 

With Windows Hello, users can authenticate applications, enterprise content and some online material without passwords, Belfiore said.

Belfiore said Windows Hello is part of the Passport system that authenticates users with biometrics, or personal identity numbers (PINs).

Once authenticated with Passport, users get access to a range of apps and third-party sites, all without a shared secret or password being transmitted over a network.

Passport will work with enterprise Azure Active Directory service when it launches.

Windows Hello will work on existing devices with fingerprint scanners. It will also work with Intel's new RealSense F200 3D camera.

On top of biometric identity verification, Microsoft said last year that it would bring in two-factor authentication for Windows 10, using challenge and response tokens that are supported by its standalone enterprise Active Directory and cloud Azure Active Directory services.