Since this week, Microsoft has been offering users the possibility to log in to their Microsoft Account using Windows Hello or a FIDO2 device such as a YubiKey hardware key.

The capability works in conjunction with the Edge browser of Windows 10, according to Alex Simons of Microsoft’s Identity Division . Users can activate the Security measure by logging in to their Microsoft account and under Security under “More security options” to go through the steps to set up a security key. In Dutch, the option is not present at the time of writing.

Setting Windows Hello for biometric authentication can be done in Windows 10. The next time you log in to a Microsoft Account with Edge, you will see the option to log in with Windows Hello or a security key. After that, they only have to enter the preset PIN code and, for example, scan their fingerprint with a YubiKey.

Microsoft uses the WebAuth API and the ctap2 specification of FIDO2 to enable logging in with hardware keys. FIDO2 of the FIDO Alliance and the W3C is an open authentication standard that builds on U2F and UAF . The goal is to make traditional passwords redundant in as many places as possible.