PINs and passwords may be the most simplistic form of computer security, but they somehow also manage to be the most consistently annoying. Sufficiently secure and lengthy ones are easy to bungle, for one, and any length of password is a major impediment to light computing. But if Microsoft has anything to do with it, the PC password field may soon become a relic of the past: the Redmond, Washington company is testing a new version of its Authenticator smartphone app that automatically unlocks your Windows 10 computer via Bluetooth.
The Windows 10 mobile app, tentatively dubbed Phone Sign-In Beta, bypasses the password login of a nearby Windows 10 machine via a secure Bluetooth connection. “After a quick Bluetooth sync, use this app to unlock your Windows 10 computer at work. Just open the app and tap on the nearby computer,” says the app’s Store page. It’s a dramatic upgrade from the most recently available Authenticator, which at present can only be used to generate codes for two-factor authentication sign-ins, and is not unlike Google’s Smart Lock for Chromebook: supported Android devices paired via Bluetooth to a Chromebook automatically unlock the machine.
The app isn’t available for public consumption quite yet — Neowin reports that it can only be downloaded on Lumia phones running Insider Preview build 14267. And given the mention of “work” in the new app’s description, it’s unclear if Bluetooth authentication will initially remain exclusive to enterprise. A note on the download page indicates that future versions will add support for “Microsoft account [sic], a sign-in solution for browsers and VPN, one-time passcode generation, and MFA approval through notifications.”
Bluetooth’s probably not the perfect answer — if your smartphone’s at home or low on battery, you’re out of luck — but it’s better than some of the less practical password replacements that have been proposed in recent years. Cryptographic dongles such as Yubico require the presence of a secure USB dongle in the computer you wish to unlock, and in a paper published in the engineering journal IEEE Security & Privacy Magazine, Google researchers envision a “smart ring” that unlocks computers with a tap.
Bluetooth authentication is yet another development in Microsoft’s many-pronged effort to supplant password security with better, faster alternatives. Its biometric framework on Windows 10’s Windows Hello supports fingerprint readers, iris-scanning sensors, and facial recognition cameras. Separately, the company’s a member of the Fast Identity Online (FIDO) alliance, an industry consortium that seeks to improve authentication on smart devices.
