The Windows 10 Review: The Old & New Face of Windows
by Brett Howse on August 25, 2015 8:00 AM EST- Posted in
- Operating Systems
- Microsoft
- Windows 10
Windows Hello and Passport
Welcome to the future. Windows 10 includes a new feature called Hello, which may change the way we log into our computers forever. Maybe that is a bit dramatic, but Windows Hello is a new framework which allows biometric logon to Windows, and it can include facial recognition, fingerprints, or even iris scanning technologies to authenticate you.
Now let’s take a step back. Windows has of course supported this in the past, and laptops have come with fingerprint readers for years. Much of that was through third party support, but you could easily set up Windows 8 to log in with a fingerprint. So this is not all new, but the new framework may be one of the biggest changes to come yet.
Windows Hello is meant to be a replacement for the traditional password logon. No one really likes passwords, but it is what we have, and therefore it is what we use. Maybe, just maybe, with Windows Hello we can start to move away from passwords. But, we are a long way from there yet. Let’s dig into Hello.
As I mentioned, laptops have come with fingerprint readers for years, and Windows 8 had native support for this (Windows 7 may have as well but I’ve not used a laptop with a reader on Windows 7) and you could pretty easily set it to log in. Windows Hello takes this to the next level with more options for login. At launch, there is support for fingerprints, iris scanning, or facial recognition.
In order to allow facial recognition but not easily be fooled by photos or other objects, Windows Hello requires an infrared camera. Right now, the only supported model is the Intel Real Sense 3D camera system, which was something that was shown off quite a bit at CES earlier in 2015. At the time, I wondered what the point of these 3D cameras were other than for some interesting demos, but clearly the companies were aware of this upcoming framework from Microsoft.
Microsoft has had some experience with this in the past. Kinect, which is an add-on for the Xbox, also allows facial recognition in order to log you in to it. I have to admit that my own experience with the Kinect for this function was so frustrating that I almost cheered the day they added the ability to automatically log into the Xbox One without the Kinect. So I was a bit skeptical about Windows Hello. One of the biggest issues I had on the Xbox One is that it would constantly think my eight year old son was me, and though people always say we look alike, I would think that the thirty extra years of age would make it somewhat obvious that we are not the same person.
I’ve been able to test out Windows Hello with the Intel Real Sense 3D camera dev kit, and I have to say the entire experience is almost perfect. It was incredibly easy to set up, and once configured, the entire process takes only around a second from the time it sees me to the time it logs me in. It seems much more accurate than Kinect, and part of that could easily be the distances it is used at versus the Kinect which often has to read my face from eight or ten feet away. But time after time, it quickly recognized me and logged me in, and once you experience it moving back to typing in a password is going to be a challenge.
I also tried to have it log in when my son was sitting in front of the PC, but he was not recognized, which is exactly how you want it to work. That's a pretty small sample size, but it's already better than Kinect was for me. The Australian had the resources to do a small test as well, but they were able to gather up six sets of idential twins. In none of the cases was the other twin able to unlock the device, so clearly there has been a lot of work to ensure that only the correct person unlocks the machine.
There are some extra security features too you can set up for Windows Hello. You can set it to not automatically unlock the screen if it sees you, which could be helpful in a corporate environment where you are near your computer but not at it, and you can also set it to have you turn your head from side to side before it will unlock, which should help with a more accurate unlock.
This is one of those features where once you first see and use it firsthand, it is almost a must have. I’m not sure if this will drive adoption of Windows 10 on its own, but I would certainly see it driving higher adoption for devices which include it versus those that do not. Hopefully we start to see this incorporated into desktop monitors as well.
Passport
Windows Hello is login, so what is Passport then? Passport is the next step. Windows Hello helps you log into your computer, and Passport is a service to help you log into everything else. This is another framework which can be leveraged in order to provide secure login to services without having to give them a password. There have been some pretty big cracks of online password databases in the last while, and any work to move to a new system which doesn’t require you to have a password at every location is something that will hopefully gain traction.
I think the most confusing aspect of Passport is its name. Passport was at one time the name of your Microsoft login, which was eventually named your Windows Live account, and now your Microsoft Account. It is also used in some other products like the Passport Authentication Protocol for WinHTTP. Confusing as it may be named, how it works is actually fairly simple.
Rather than authenticating with a username and password to a service or website, Passport will instead use a public/private key pair. The private key is stored in the machine and can be protected by the Trusted Platform Module (TPM) if it is present. Services or websites will get a copy of the public key. When a request to authenticate is made, the request is signed by the private key, which can then be opened by the public key.
But before all of this happens, Windows will prompt you to ensure you are in control of your device, using a PIN or Windows Hello. That way, if you leave your computer unlocked, people passing by can’t get access to your bank account using Passport.
None of this security technology is new, and that’s a good thing in the security world. Public/Private key pairs are what already powers all HTTPS traffic on the internet now.
The beauty of using a public key instead of a password is in the event the service is compromised. Attackers no longer gain access to a username and password which may or may not be the same one used by that person on many websites and services. Instead they get a public key, which can only be used to verify requests which come from the corresponding private key. Public keys are called that because they can and are made public for that single purpose.
Both of these technologies are a big step forward for the computer industry. We have already seen how much biometrics can help when looking at devices like the iPhone. For any inherent insecurity of using a fingerprint reader, the actual security is much higher than people using a four digit pin, or worse yet, nothing at all. Technologies like Windows Hello and Passport can be the solution to better security and ease of use. Hopefully both will gain traction with the ramp up of Windows 10.
Facebook
Twitter
RSS
293 Comments
View All Comments
Brett Howse - Wednesday, August 26, 2015 - link
Thanks for the catch on that one :)abhaxus - Wednesday, August 26, 2015 - link
Had a full screen takeover/scrolling ad when trying to read this article. Similar to the Tom's Hardware ads. I don't read that website anymore, and I will stop reading this one if it continues to happen.Anne Druide - Thursday, August 27, 2015 - link
Only 30 minutes in and it is obvious to me that Microsoft has dropped the ball it had picked up with Windows 8.1. (1) Microsoft's efforts at fixing Windows continue to be APITA (a pain you know where)! WHY did they have to completely obliterate the Charms? Why not just have left them along the right side of the new Action Center? I mean really? Did that NOT cross any of the brilliant minds at MS? WHY remove such a distinctive and unique feature of 8.1. Why not integrate it into 10? (2) Furthermore, just as 8.1 had swung maybe (maybe not) too far towards the tiles, 10 has swung WAY too far towards the desktop. Now, to get to the Metro Tiles Menu it takes TWO steps! Why in the world does pressing the offscreen Window button bring up the Start Menu INSTEAD of the Metro Menu? The Start Menu ALREADY has its own Window icon! And what's a TOTAL WASTE is that pressing on the offscreen Windows button while in Tablet mode and on the Metro Menu does ABSOLUTELY NOTHING! It does not even bring up the Start Menu which would have been a great idea! Duh! (3) Finally, I feel that MS has lied about BRINGING BACK THE START BUTTON! Clicking on the Windows button located where the Start button was in Windows 7 does NOT bring anything up even remotely close to what we had in Windows 7! When I press the Start button I DON'T wanna see tiles; I wanna see all the practical functionality of what came up in Windows 7 when I pressed Start! INSTEAD, I get a very confusing flotsam and jetsam mish-mash of everything under the sun instead of quick access to the Control Panel and Task Bar content and...OMG there's no longer any user control of Windows Update?!!! All in all, my first 30 minutes with Windows 10 has been, as you can tell, VERY disappointing! WHY is it SO HARD for MS to JUST GET IT RIGHT! This is NOT even close to what Windows 10 SHOULD be. This is a limping Windows 9 with the 10 thrown in JUST not to look light years behind Apple's OS X whose TEN has been a thorn in the side of MS for how many years now?!mapesdhs - Thursday, August 27, 2015 - link
Still looks to me like MS wants people to have a phone interface on a desktop, which is stupid. So many things once again look incredibly unprofessional, and the lack of configurability is just ridiculous. It makes the coding of this latest release look so amateurish. The smiley in the very first review image is typical. I could make a list of everything else which is stupid (eg. no Save As from right-button), but who has the time, and I'm sure the 22 pages of comments have covered them all already.I don't want to use an OS that looks like a phone interface. I'll keep using Win7 until MS offers something sensible.
straighttalk - Thursday, August 27, 2015 - link
Totally useless review. No content, just a lot of opinion. Where's the beef? What are the issues? What problems are people who upgrade having?SteelRing - Thursday, August 27, 2015 - link
WiFi Sense is the antithesis of privacy and security, you should allow it if you are naive or an MS worshipper or both. Should you upgrade from Win8(.1)? For sure... Should you upgrade from Win7? I'd say if it aint broke dont fix it. I'm personally glad that Win10 finally allows me to buy laptop again, laptop that works and not just a toy. I want a keyboard and a mouse with my computer and Win10 finally lets me have it again. People who want to smear their screens with their fingers seem to be happy with Win10 too, none of my business though. If Win10 had not come out I'd be scavanging refurb laptops with Win7, thank goodness I don't have to.Oxford Guy - Thursday, August 27, 2015 - link
Microsoft is apparently doing its best to make sure it is broken. Here is a list I found of patches to avoid, due to things like added in "telemetry" (spying) or bug introduction:KB3075249, KB3080149, KB2505438, KB2670838, KB2952664, KB2976978 (8 only), KB3021917, KB3035583, KB3075249
Notmyusualid - Saturday, August 29, 2015 - link
Thanks, but cleared out a couple of those already.Zak - Thursday, August 27, 2015 - link
"for most people, they will make the trade-off of less privacy if it means an improved experience. The textbook example here is advertising, where in order to deliver relevant ads to the user (or rather not serve them useless ads) the ad service must be able to learn something about the user and their preferences" -- Are you out of your mind??? Trade my privacy for relevant ads? You ought to be on drugs or MS is paying you to post this drivel. Nobody likes to be blasted with ads, relevant or not. If they system really wants to learn something it is this: NOBODY LIKES ADS.jameskatt - Friday, August 28, 2015 - link
The absolutely WORSE thing about Windows 10 is now much it is tracking you - tracking the websites you read, the apps you use, tracking how much time you spend on a web page, etc. And you cannot turn this tracking off. It is totally creepy that Windows includes so much spying.Some parents may love this in that they get a monthly report from Microsoft of every webpage and app their children use.
But for the vast majority of users and parents, this is simply unacceptable.
Someone has to give us a privacy utility to block Microsoft from tracking us so heavily.