Windows 10, you can access your Microsoft account on Edge even without a password
Microsoft is the first company to support security keys based on FIDO2 standards, which allow access to sites and services in total security, even without having to enter the password each time.
Several companies are trying to overcome the password, and offer an authentication method that is both fast and secure. Microsoft offers several ways to access the Microsoft Account on Windows 10, and with Windows 10 October 2018 Update has enabled support for security devices based on the FIDO2 standard, so as to allow users to log in to the Microsoft account on Edge without having to enter credentials.
The same standard can be used, together with Windows Hello, also on the Edge browser, with Microsoft being the first company to support passwordless authentication using FIDO2 WebAuthn and CTAP2 technologies. Who has already updated to the latest version of Windows 10 can configure Windows Hello or a security key with support for the FIDO2 protocol on the native browser.
If you have a webcam or fingerprint sensor compatible with the Windows Hello standard, you can access the Microsoft Account settings on the Edge browser and connect the device to access without having to enter your password and username. In both cases, a private key will be set on the device’s Trusted Platform Module (TPM), which is used in conjunction with a physical key or the Windows Hello biometric authentication system.
The combination of the private key on the device and the public key saved on Microsoft servers allows you to access the device without actually entering a password, and do so in total security without being vulnerable to scam or malware attempts.
Previously, Microsoft allowed users to log in without a password using the Microsoft Authenticator app available on iOS and Android, with FIDO2 security key support that is the natural evolution of that system.
Google and Facebook already accept USB tokens to secure user accounts, and Microsoft is planning to offer the same support to educational and enterprise accounts using Azure Active Directory. It is noteworthy that Microsoft is adopting open standards to ensure, on the Edge, access to the account without passwords, such as those of W3C and FIDO Alliance, and also Chrome and Firefox could use the physical security keys to enter the Microsoft Accounts as soon as they implement support for the FIDO2 standard.
