Skip to main content
  1. Home
  2. Computing
  3. News

Ditch the passwords and buy Xbox games with just your face

By
Image used with permission by copyright holder

Microsoft’s Windows 10 October 2018 Update was re-released recently, and along with introducing features that play nice with your phone, it now lets you ditch more of your passwords. The latest version of Windows 10 allows you to sign in with your Microsoft account on the web through Microsoft Edge using Windows Hello or a FIDO 2 Yubikey.

This feature was originally beta tested with Windows Insiders this past summer but has long been supported by both Firefox and Google Chrome. It is a safe and secure process which involves setting up two-factor authentication and automatically creating a public token and a private sign-in token for a Microsoft website. There is no extra software needed, and everything is secure and handled directly within Microsoft Edge. Once the initial setup is done, a website will send a request for a private token and cross-check it against either your face or fingerprint via built-in Windows Hello facial recognition, or Yubikey to log you in.

Recommended Videos

If your laptop or desktop does not have Windows Hello built in, the Yubikey 5 Series and Security Key by Yubico are options to enjoy the feature. These accessories can be purchased for anywhere between $45 to $60. Both USB C and USB A versions are available, and most models feature water resistance, crush resistance and low-profile designs.

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, HBO Max, and more

Currently, passwordless logins in Microsoft Edge work with Outlook, Skype, Office, OneDrive, Windows, Cortana, Edge, Xbox Live, Mixer, Microsoft Store, Bing, and MSN. That means you can visit the Microsoft Store on the web, and purchase a game for your Xbox without even having to remember your password. It also is a more secure process that is less prone to hacking.

“No more passwords means remote attackers can’t phish your username or password, or use other modes of attack. The physical possession of your Yubikey is required for access,” says Yubico, the group behind Yubikey.

Microsoft has long been on a journey to kill off passwords in favor of Windows Hello. In a blog post from July, it highlighted how far that has come.

“We started this journey in 2016 when we shipped the industry’s first preview implementation of the Web Authentication API in Microsoft Edge… Since then, we have been updating our implementation too as we worked with other vendors and the FIDO alliance to develop the standard,” Microsoft said.

Arif Bacchus
Arif Bacchus
Former Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Topics

Editors’ Recommendations

It only took 41 years, but Notepad just got its most important update ever
The Notepad app on Windows 11.

After 41 years of being part of Windows, Notepad has finally been updated by Microsoft with two essential features: autocorrect and spellcheck. Given how prevalent spellcheck is across any app where you can enter text, you could be forgiven for thinking that Notepad already had the feature, but it was just added to the app available in Windows 11.

Microsoft originally announced the addition in March, and it began rolling out spellcheck in Notepad to Windows Insiders the following month. Over the past few days, the wider Windows 11 install base has received the update. You probably never noticed it -- I checked out Notepad on my PC and saw spellcheck was enabled, and I haven't seen a peep from Windows Update.

Read more
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more
You’ll soon be able to control your Chromebook with just your face
Project Gameface being used to write an email.

Chromebooks have AI too. Google's recent comments on its AI advances arrived between Microsoft's big Copilot+ announcement and the forthcoming Apple AI news. In addition to outlining a few new AI features that are now available for Google's Chromebook Plus line of laptops, Google previewed a fascinating feature coming later that would let you control the entirety of your Chromebook with just your face.

Using computer vision and the webcam built into your Chromebook, you'll soon be able to talk to it, move your face, and make hand gestures to control your Chromebook. Google calls it Project Gameface, and it's being built right into ChromeOS. The feature was originally announced via a blog post on May 10, and is aimed at creating a "hands-free, AI-powered gaming mouse," but now it's being expanded and is officially coming to Chromebooks.

Read more