Microsoft Edge Browser Supports Web Authentication To Improve their Security.
Microsoft introduces Web Authentication specification in its Edge Browser with more secure web experience and password-less feature.
Now users can sign in with face reorganization, Fingerprint, PIN, or portable FIDO2 devices, leveraging strong public-key credentials instead of passwords with Web Authentication.
In general users are saving their passwords into the Browser, but it is not a proper secure way. The user’s password can be cracked through Browser Hijacking. For this reason, Microsoft goes through for World Without Passwords with innovations like Windows Hello biometrics and pioneering work with the FIDO Alliance to create an open standard for password-less authentication – Web Authentication.
Windows Hello allows users to authenticate without a password on any Windows 10 device, using biometric—face and fingerprint recognition or a PIN number to sign in to websites. With Windows Hello face recognition, users can log in to sites that support Web Authentication in seconds, with just a glance.
Microsoft Edge Browser also supports the FIDO2 project. The FIDO2 Project is a set of interlocking initiatives that together create a FIDO Authentication standard for the web and greatly expands the FIDO ecosystem.
FIDO2 is comprised of the W3C’s Web Authentication specification (WebAuthn) and FIDO’s corresponding Client-to-Authenticator Protocol (CTAP), which collectively will enable users to leverage common devices to easily authenticate to online services — in both mobile and desktop environments.
In March W3C Web Authentication working group had announced that the Web Authentication specification (WebAuthn) has attained Candidate Recommendation (CR) maturity level. This is a major step towards enabling practical, strong, privacy-preserving authentication on the Web. Web Authentication is a challenge-response protocol employing strongly secure public key cryptography, with per-website key pairs, rather than the simple presentation of phishable, possibly re-used, passwords.
It is good that Microsoft thinks Password-less authentication experiences for users. But how it would be more secure You can try out this new feature by installing Windows Insider Preview build 17723 or higher.