PowerPoint Presentationdownload.microsoft.com/download/A/2/E/A2E98445-15C0... · Microsoft Personal...
Transcript of PowerPoint Presentationdownload.microsoft.com/download/A/2/E/A2E98445-15C0... · Microsoft Personal...
Extension Package
Manifest.json
Background page
Content scripts
UI pages
https://aka.ms/extension-request
17
Credential problems
76%of network intrusions
can be traced to weak or stolen passwords1
12014 NIST Roadmap for Improving Critical Infrastructure Cybersecurity2Source: Gartner estimate3Source: Sophos Online Password Survey
Windows Hello is the password-free sign-in that gives you the fastest, most secure way to unlock your Windows devices, apps and Microsoft Edge websites.
Using your face, fingerprint or companion device, it recognizes you apart from all others.
You are the password
Simplify password management
Reduces the cost and effort of implementing password management
Easy to use APIs
Native API support for strong authentication via Universal Windows Platform and Edge without
the need for custom cryptography
Windows 10 apps Enterprise content Microsoft Edge-friendly websites
Client Server
User requests to use passwordless login
Challenge
Sign Challenge with Private Key
Signed Challenge
Check signature
Return Information
Overview of Window Hello authentication
contoso.com
Web Authentication API
- makeCredential (registering a user)
- getAssertion (authenticating a user)
27
Summary
• Solves previous authentication problems
Client APIs are secure, but don’t require cryptography knowledge