Win10 Anniversary Update makes it easier to add external devices for authentication

Microsoft has announced another lure for CISOs who have been holding back on adopting Windows 10 in their environments — improved security.

The company said last week that the Win 10 Anniversary Update that will be released Aug. 2 will include new capabilities to Windows Hello, the operating system’s multi-factor authentication solution for (hopefully) ending users’ need for passwords, to make it easier to use external devices like smart phones, wearables, specialized USB fobs and smart cards as one of the authentication pieces.

When Win 10 was first released users had to enroll their PC as one of the device-based factors. The Anniversary Update will include a new Windows Hello Companion Device framework for using external devices as an authentication factor.

In conjunction with the changes the Microsoft Passport brand — which only referred to credentials users get for authentication once user verification through two or more factors had occurred — will be retired, because that function will be swallowed by WinHello.

Microsoft says enterprises or device makers can tailor devices for a number of scenarios such as

    • users who want to use a device infrequently, or just a single time (for example, at a kiosk) and want to avoid enrolling their identity on each device. This might appeal to retailers or the heathcare sector;
    • where regulators make organizations physically separate a user’s credentials from the device they are signing into. This might appeal to public sector or defence sectors;
    • where the organizations wants users to be able to quickly access a device by just tapping a smart card to sign without entering in a PIN or using biometrics. Microsoft thinks manufacturers might want that.

In fact the framework enables hardware vendors to develop solutions for two types of companion devices, says Microsoft. The first type is a device that is paired with a PC that is already enrolled with Windows Hello. In this case, the companion device doesn’t store the user’s credentials on it. Once paired, signing into a PC can be based on the companion device being within in the proximity of the PC, or it can be based on proximity plus an additional factor, like a biometric.

The second type of devices provide advanced security needed in regulated sectors or where the mobility of the Windows Hello credentials is useful or required. The companion device includes all of the factors for user verification and it also stores the user’s credential on it. This makes Windows Hello and the user’s credentials mobile, enabling the user to access devices without having to enroll their identity on each and every device, says Microsoft [Nasdaq:MSFT].

The company also said two other features will be added to Win10 in the Anniversary Update:

–Windows Defender Advanced Threat Protection is service for helping enterprises to detect, investigate, and respond to advanced attacks on their networks. The service examines the state of machines and their activities over the last six months to maximize historical investigation capabilities and provides information on a simple attack timeline, Microsoft said. Simplified investigation tools allow examination of process, file, URL and network connection events for a specific machine or across the enterprise. A cloud-based detonation service enables files and URLs to be submitted to isolated virtual machines for deep examination.

Pricing wasn’t announced.

–To help protect businesses from accidental data leaks the Anniversary Update will also offer Windows Information Protection, formerly referred to as enterprise data protection. Windows Information Protection enables businesses to separate personal and organizational data on mobile devices.

The free Win 10 upgrade for those using Windows 8 and 7 ends July 29. The Anniversary Update is available only for those on Win10.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Articles

Stemming the tide of cybercrime

By: Derek Manky Technology continues to play a significant role in accelerating...

Power through a work-from-anywhere lifestyle with the LG gram

“The right tool for the right job” is an old adage...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now