Knowledge base
September 30, 2023
Windows 11 22H2 Adds Key Manager to Windows Hello
Windows 11’s latest update has several security improvements, including a new passkey management dashboard. This is designed to make it easier for users to switch to passwordless login methods. In addition, there are tools to reduce the attack surface.
Passkeys and Security:
Passkeys, linked to specific devices such as computers, tablets or smartphones, play a crucial role in reducing the risk of data breaches. They provide strong defense against phishing attacks, block malicious actors and prevent unauthorized access attempts. Compared to traditional passwords, passkeys are a more secure option because they eliminate the need to remember passwords for every website or online service.
Response to Phishing Attacks:
Microsoft’s push for passwordlessness has been driven by a threefold increase in phishing attacks on users’ data since last year. Internal data from Redmond reports more than 4,000 incidents per second. To counter these attacks, Microsoft is making it possible to generate passkeys with Windows Hello. This lets users login to their website or Web app accounts with their face, PIN or fingerprints.In addition, Windows 11 users will also be able to use Bluetooth-connected mobile devices to complete login processes.
Management of Passkeys:
After the update, a dashboard for managing passkeys will be available in the Settings app under Accounts > Passkeys. “Windows 11 will make it much harder for hackers stealing passwords through phishing attacks by allowing users to replace passwords with passkeys,” said David Weston, Microsoft VP for Enterprise and OS Security.
Technological Collaboration:
The passkey management dashboard was first introduced in June with the release of Windows 11 Preview Build 23486 for Insiders in the Dev Channel. Microsoft and Apple confirmed their commitment to passkeys in May 2022 and supported Web Authentication (WebAuthn) credentials. A year later, Google also announced it was rolling out support for passkeys for Google Accounts, allowing users to log in without entering a password or using 2-Step Verification (2SV).
Additional Security Features:
Today’s update allows Microsoft IT teams to implement new policies. This policy can block the use of passwords on all enterprise devices linked to Azure AD (Entra). Customers can also set up App Control for Business (formerly Windows Defender Application Control). This ensures that only trusted apps can run, blocking unwanted or malicious code. The Windows 22H2 update also includes expanded Firewall logs and new options to choose incoming and outgoing ICMP rules.
Closing
The latest updates and features strengthen security in Windows 11, offering users greater control and convenience in their daily digital interactions while reducing the risk of cyberattacks.
Want to know more?
Related
blogs
Tech Updates: Microsoft 365, Azure, Cybersecurity & AI – Weekly in Your Mailbox.