Using FIDO (not your dog’s name) for your password

Enter password. Two of the most annoying words when using technology, whether it be your phone, a web site, or a computer.  Remembering each password without plastering your monitor with sticky notes is a pain. Did I create this one with the kids’ initials in age order or alphabetically? Did I capitalize the dog’s name or not? And was it my anniversary date or the day we moved into our house?

Regardless of your “foolproof” system for remembering, passwords have become less and less effective over time.  Microsoft announced in 2019 that 99% of account hacks are stopped by using multi-factor authentication (MFA). While that it is good news, it also tells us that the first factor – your password – doesn’t prevent many attacks.

Microsoft, Google, and Apple announced some really good news – they have collaborated to extend the FIDO standard to support password-less authentication across devices, browsers, operation systems, and applications.  This means that we can use device specific PINs or biometric features like fingerprints or facial recognition. Taken together, these methods are known as passkeys and have the dual benefit of lowering the impact on users while preventing hackers from capturing an authentication factor.

And perhaps the best news for Spot PC users – both Azure Virtual Desktop and Windows 365 will start supporting the full feature-set of Windows Hello, which is the Microsoft implementation of passkeys. Since Spot PC already leverages the user’s Azure AD/Microsoft 365 identity, adding the ability to use passkeys across Windows, Mac OS, Android, iOS, Edge, and Chrome will make access to you Spot PC uniform.  Regardless of device, each login is tracked and displayed in the Spot PC console and scanned for suspicious activity by Defender for Cloud. The result is less hassle for us humans and more automated security by the Spot PC environment.

Now I remember. It was my sister’s graduation date plus the third letter of each word in the first line of lyrics in Bohemian Rhapsody. Good riddance.

We’re hosting a webinar soon about Spot PC, security and hybrid work, I highly recommend getting registered, even if you end up having to watch the recording at a later time: