Windows 10 Will Have Much Increased Security
Microsoft revealed Windows 10 technical preview a month ago. We heard about interface changes like the new start menu, but we never got to know about what was really inside the new Windows 10 (that was so eager to be released that Microsoft skipped the 9th version). Microsoft revealed some more details about Windows 10 relating to security.
Windows has been prone to security attacks and viruses unlike Linux, which being open-source is immune to viruses. But it looks like the things are going to change with Windows 10. Microsoft has installed a service called “Next Generation Credentials” but it is not enabled yet.
Microsoft plans to “move the world away from the use of single factor authentication options, like passwords.” Using this service, the device owner can add his or her device to Microsoft’s trusted devices. Then the user can use a PIN or biometric input, like fingerprint or voice command, to sign into any supported mobile device.
How it increases security? If the PIN stored in databases at Microsoft’s side is stolen, the thief would still need the particular device associated with that PIN. So the thief wouldn’t be able to breach into accounts.
On the other hand, if the device is stolen, the thief would be unable to breach into accounts as he or she would not have the PIN.
According to Microsoft, PIN can be any combination of alphanumeric characters, and it is not restricted to simple short numeric characters like a typical ATM card.
This authentication scheme is not a propriety (like Windows), instead it is based on standards set by FIDO Alliance.
Another great feature that enhances security is most beneficial for organizations, like banks and government institutes, that have high-security demands. Administrators will be able to lock down devices used in their organization to stop using untrusted code. This feature will be available in Windows 10 Enterprise Edition.
Using this feature, only those apps will be allowed to run through the organization that are signed by a code-signing certificate issued by Microsoft. In other words, only those apps trusted by Microsoft.
These include apps from Windows Store as well as desktop apps. If an enterprise wants to add their own apps, they can do so by submitting a request for their own key generator. These apps will only be run on their own network, and won’t work on other networks.
These great features enhance the security level provided by Windows ecosystem. Do you think these would be enough or hackers would still find their way to breach into accounts? Let us know in comments.