In Windows 10, Microsoft introduced “Windows Hello” which – to keep things simple – offers the ability to use biometrics to unlock a computer instead of using a regular password. Windows Hello was demoed fairly early on in the Windows 10 development cycle, and there was lots of excitement in the tech press about it, but the fact that you can use biometrics for authentication purposes is not really new, especially in building access control, where biometrics have already been used for many years to verify someone’s identity before granting access to certain areas of a building. Given this, you might wonder what is so special about Windows Hello. The answer lies in the combination of Hello with another feature.
Along with Hello, Microsoft introduced another new feature that didn’t get as much attention: Microsoft Passport. The simplest way to think of Passport is as a replacement for reusable passwords. While Hello can be used to unlock a credential, Passport lets you replace traditional passwords with much stronger cryptographic credentials.
Passwords are, because of the way people use them, inherently insecure. In recent years, researchers have suggested that moving from regular passwords to passphrases could help solve the problem of short (even if complex) and insecure passwords. The following xkcd cartoon clearly illustrates that point: