Presentation is loading. Please wait.

Presentation is loading. Please wait.

Microsoft’s guide for going password-less

Published byColleen Harper Modified over 6 years ago

Similar presentations

Presentation on theme: "Microsoft’s guide for going password-less"— Presentation transcript:

1 Microsoft’s guide for going password-less
9/12/2018 3:33 PM THR2259 Microsoft’s guide for going password-less Karanbir Singh Senior Program Manager © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Session objectives and takeaways
Tech Ready 15 9/12/2018 Session objectives and takeaways Session objectives Password-less - Why? Our strategy Password-less technologies available today What’s coming Demos Takeaways Microsoft’s commitment to enabling a world without passwords Strategy and tangible next steps on how to take your enterprise password-less © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 TURBULENT TIMES 160 MILLION customer records compromised
9/12/2018 3:33 PM TURBULENT TIMES 160 MILLION customer records compromised 229 DAYS between infiltration and detection $3 MILLION of cost/business impact per breach © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4 “ “ The hits keep on coming…
9/12/2018 3:33 PM Equifax data breach may affect half US population Thieves stole customer names, Social Security numbers, birthdates and addresses in a hack that stretched from mid-May and July. The data taken affected as many as 143 million people… Alfred Ng, CNET September The hits keep on coming… Source: © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5 Nobody likes passwords
9/12/2018 3:33 PM John Doe lllllll Nobody likes passwords Alpha-numeric passwords are hard for humans to remember and easy for computers to guess. On mobile devices entering passwords is impossible. Credential reuse across multiple services increases attack surfaces. Even the strongest passwords are easily phishable. © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 Nobody likes passwords
9/12/2018 3:33 PM John Doe lllllll Nobody likes passwords #1 COST for Enterprise IT departments For Microsoft account, in the month of July 686K forgotten passwords $12M+ spent on forgotten passwords © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 Nobody likes passwords
9/12/2018 3:33 PM Nobody likes passwords Passwords + 2FA is more secure, but also more complicated and difficult to use. 2FA verification code: MESSAGES John Doe lllllll + 2FA Passwords © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8 Passwords + standard 2FA
The search for better High Security Passwords + standard 2FA ? 2FA verification code: MESSAGES Inconvenient Convenient John Doe lllllll Passwords Low Security

9 Passwords Insecure Inconvenient Expensive
Build 2015 9/12/2018 3:33 PM Passwords Expensive Inconvenient Insecure Human generated symmetric secrets © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 Passwords Human generated symmetric secrets Insecure Compatible
Build 2015 9/12/2018 3:33 PM Passwords Easy to provision Portable Compatible Expensive Inconvenient Insecure Human generated symmetric secrets © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 What does password-less mean to us?
Build 2015 9/12/2018 3:33 PM What does password-less mean to us? User promise End-users never have to deal with passwords in their day-to-day lives. Security promise User credentials cannot be cracked, breached, or phished. © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 Strategy 4. Eliminate pwds from identity directory
Build 2015 9/12/2018 3:33 PM Strategy Achieve End-User Promise Achieve Security Promise 1. Develop and deploy pwd-replacement offerings 2. Reduce user-visible pwd surface area 3. Transition users & devices into using machine generated key based solutions 4. Eliminate pwds from identity directory © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 What’s available today?
Build 2015 9/12/2018 3:33 PM What’s available today? SmartCard only MSA password-less opt in Windows Hello App Passwords Smart Card for Interactive Login WHFB for mainstream scenarios Enlightened inbox apps Modern Authentication libraries Policies to disable password credential provider 1. Develop and deploy pwd-replacement offerings 2. Reduce user-visible pwd surface area 3. Transition users & devices into using machine generated key based solutions 4. Eliminate pwds from identity directory Windows Hello for Business Authenticator app © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 UTILIZE FAMILIAR DEVICES
9/12/2018 Windows Hello USER CREDENTIAL An asymmetrical key pair Provisioned via PKI or created locally via Windows 10 UTILIZE FAMILIAR DEVICES SECURED BY HARDWARE © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION

15

16 Windows Hello Adoption
9/12/2018 3:33 PM [Windows 10] Windows Hello Adoption 37M active Windows Hello users enterprises have deployed Windows Hello for Business >25K Largest customer enterprise deployment BRK2076: Windows Hello for Business: What’s new in 2017 BRK2075: Extending Windows Hello with trusted signals © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17 Extending Windows Hello…
Devices & Sensors Environmental awareness Behavioral patterns Better Trust Decisions

18 Microsoft Account Phone sign-in using Microsoft Authenticator
9/12/2018 3:33 PM Microsoft Account Phone sign-in using Microsoft Authenticator Password-less authentication Public / Private key exchange ## people using/Growth data if we have it New Data on- Andrew Pickering over a $1million, will get the data…One we publish top requests for enterprises. © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

19 Azure Active Directory
9/12/2018 3:33 PM Modern Authentication Azure Active Directory Microsoft account Web Account Manager Microsoft Auth Library (MSAL) Insert relevant session #1 Insert relevant session #2 © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

20 Demo: E2E OOBE(?) + Windows Hello + SSO + Recovery
9/12/2018 3:33 PM Demo: E2E OOBE(?) + Windows Hello + SSO + Recovery © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

21 What you can do today! Guide for going password-less
Build 2015 9/12/2018 3:33 PM What you can do today! Guide for going password-less Stay tuned Lots more coming… Disable Password credential provider Upgrade LOB and web apps to modern authentication Identify & phase out legacy workflows 1. Deploy pwd-replacement offerings 2. Reduce user-visible pwd surface area 3. Simulate password-less on your devices 4. Eliminate pwds from identity directory Deploy Windows Hello for Business Authenticator app © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22 Just around the bend…

23 Azure Active Directory
9/12/2018 3:33 PM Azure Active Directory Phone sign-in using Microsoft Authenticator Password-less authentication Public / Private key exchange © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 Windows 10 Device unlock Web-Auth FIDO 2.0 compliant
9/12/2018 3:33 PM Windows 10 Device unlock Web-Auth FIDO 2.0 compliant POC ready (cloud-only) © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 9/12/2018 3:33 PM Fast IDentity Online 2.0 Standards-based, interoperable authentication 2.0 Works with the same devices people use every day Based on public key cryptography Biometrics and keys never leave the device Protects against phishing, man-in-the-middle and replay attacks © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

26 FIDO Alliance board members
…and hundreds of industry partners

27 The roadmap to no more passwords
9/12/2018 3:33 PM The roadmap to no more passwords Windows 10 or other OS Microsoft Edge or other browser Any device Microsoft Authenticator Device + Biometric Biometric on device + On-premises app Web app SaaS service Microsoft account Azure Active Directory © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

28 In review: session objectives and takeaways
Tech Ready 15 9/12/2018 In review: session objectives and takeaways Go password-less today! Deploy Windows Hello for Business, Authenticator app, FIDO Upgrade LOB and web apps to modern authentication Disable password credential provider Identify & phase out legacy workflows Report gaps so we can address them! Stay tuned! There is a lot more coming! © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

29 Ignite Resources BRK2017: Saying goodbye to passwords
Tech Ready 15 9/12/2018 Ignite Resources BRK2017: Saying goodbye to passwords BRK2076: Windows Hello for Business: What’s new in 2017 BRK2075: Extending Windows Hello with trusted signals BRK2077: Credential protection in Windows: An Overview THR2259: Microsoft’s guide for going password-less © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

30 Please evaluate this session
Tech Ready 15 9/12/2018 Please evaluate this session From your Please expand notes window at bottom of slide and read. Then Delete this text box. PC or tablet: visit MyIgnite Phone: download and use the Microsoft Ignite mobile app Your input is important! © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

31 9/12/2018 3:33 PM Thank you © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Microsoft’s guide for going password-less"

Similar presentations

Azure Machine Learning Deploying and Managing Models in production

Azure Machine Learning Deploying and Managing Models in production
5/31/2018 3:40 PM BRK3113 How Microsoft IT builds Privileged Access Workstation using Windows 10 and Windows Server 2016 Jian (Jane) Yan Sr. Program Manager.

5/31/2018 3:40 PM BRK3113 How Microsoft IT builds Privileged Access Workstation using Windows 10 and Windows Server 2016 Jian (Jane) Yan Sr. Program Manager.
Azure File Sync Setup, configuration and management

Azure File Sync Setup, configuration and management
How To Deliver Apps Faster And Secure Them The Microsoft Way

How To Deliver Apps Faster And Secure Them The Microsoft Way
Use any Amazon S3 application with Azure Blob Storage

Use any Amazon S3 application with Azure Blob Storage
6/5/2018 1:30 PM THR1029 Spend less time managing data and more time with customers: Quick tour of Outlook Customer Manager Welly Lee Welly.Lee@microsoft.com.

6/5/2018 1:30 PM THR1029 Spend less time managing data and more time with customers: Quick tour of Outlook Customer Manager Welly Lee
6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Rottem @AmitaiTechie Senior Program Manager,

6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,
Azure Cloud Shell Magic of Modern Command-line Management

Azure Cloud Shell Magic of Modern Command-line Management
6/17/2018 3:45 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

6/17/2018 3:45 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Windows 10 and the cloud: Why the future needs hybrid solutions

Windows 10 and the cloud: Why the future needs hybrid solutions
6/17/2018 10:27 AM BRK3341 Unlock extensibility by connecting your service to PowerApps and Microsoft Flow Theresa (Tessa) Palmer–Sr. Program Manager Sunay.

6/17/ :27 AM BRK3341 Unlock extensibility by connecting your service to PowerApps and Microsoft Flow Theresa (Tessa) Palmer–Sr. Program Manager Sunay.
6/19/2018 2:57 AM THR3092 Monitor and investigate actions on your user and data with alerts, insights and reports Binyan Chen Program Manager II, Office.

6/19/2018 2:57 AM THR3092 Monitor and investigate actions on your user and data with alerts, insights and reports Binyan Chen Program Manager II, Office.
Modernizing your Remote Access

Modernizing your Remote Access
Azure SDKs and Tools for You

Azure SDKs and Tools for You
6/25/2018 11:13 PM BRK1076 Make Windows devices more secure by taking them out of your existing infrastructure Chris Rhodes & Andrew Bettany MCTs & MVPs.

6/25/ :13 PM BRK1076 Make Windows devices more secure by taking them out of your existing infrastructure Chris Rhodes & Andrew Bettany MCTs & MVPs.
Do more with Microsoft Word and Office 365

Do more with Microsoft Word and Office 365
Optimizing Microsoft OneDrive for the enterprise

Optimizing Microsoft OneDrive for the enterprise
The power of common identity across any cloud

The power of common identity across any cloud
Virtual Machine Diagnostics in Microsoft Azure

Virtual Machine Diagnostics in Microsoft Azure
Microsoft Ignite /31/ :08 AM

Microsoft Ignite /31/ :08 AM

Similar presentations

Ads by Google