Skip to content

Enterprise Mobility + Security


Howdy folks,

At Microsoft we’ve been working hard to eliminate passwords since the very earliest stages of Windows 10.  We’ve made great progress with Windows Hello and our mobile Authenticator app that’s available on iOS and Android.  But to date we have not had an interoperable solution that works across all industry platforms and browsers.

That’s why I’m so excited about the this weeks news from the FIDO Alliance and the World Wide Web Consortium (W3C).  On Tuesday the W3C advanced the Web Authentication spec (WebAuthn) to Candidate Recommendation status.  WebAuthn defines a web API that enables browsers and sites to use external authenticator keys based on the FIDO standard. This means we now have a cross-platform option for providing strong authentication without passwords!  And with support from Google, Microsoft and Mozilla browsers, we’re optimistic that WebAuthn will rapidly become widely adopted.  WebAuthn works together with the Client Authentication Protocol (CTAP), another FIDO standard.  CTAP defines the protocol for an external security key and talk to a client device.  With CTAP in place, we’re excitedly awaiting the wide variety of cost-effective security key options and form factors that innovative companies like Yubico, HID, Infineon, and Feitan are already working on.

Overview of FIDO2 architectural components

Microsoft has been working with the FIDO alliance for 4+ years now. We’ve made major contributions to the development of the FIDO2 set of standards and we are committed to adding full support of CTAP on Windows 10 and WebAuthn in the Edge browser. Microsoft’s identity products and services will also support FIDO.  This will allow Microsoft customers to use any Microsoft identity – both personal Microsoft accounts and organizational identities based on Azure Active Directory – to signin using a FIDO device instead of a password on any FIDO2 compatible device or browser.

The Password-less future is rapidly approaching and we’re excited for it to arrive!

For more information on the big announcement check out: https://fidoalliance.org/fido-alliance-and-w3c-achieve-major-standards-milestone-in-global-effort-towards-simpler-stronger-authentication-on-the-web/

Best regards,

Alex Simons (Twitter: @Alex_A_Simons)

Director of Program Management

Microsoft Identity Division