Q: In Windows 10 Microsoft includes Microsoft Passport – is this new authentication feature somehow related to the Microsoft Passport that they promoted for web single sign-on at the end of the nineties?
A: The original Microsoft Passport that Microsoft promoted at the end of the nineties was an HTTP and cookie-based single sign-on solution for Microsoft websites and eventually other 3rd party commerce websites. Passport had to cope with some significant security and privacy flaws and consequently received a lot of criticism from security and privacy advocates. Microsoft Passport was later renamed to Windows Live ID and currently survives in the Microsoft Account. The latter has become Microsoft’s single sign-on service to let users to log on to Microsoft websites (such as Outlook.com), Windows Operating System-based devices (computers, tablets and smartphones), and Microsoft applications (such as Visual Studio) using a single account.
The Microsoft Passport introduced in Windows 10 is not related to this older Passport version – though it is also an authentication solution. The new Microsoft Passport has more of an enterprise-focus and is positioned as a strong and password-less authentication solution. It builds on public and private key cryptography and certificates, and hardware-based TPM security and can authenticate users using a PIN, smart card or biometric data against an Azure or on-premise Active Directory (AD), or against third-party services supporting Fast ID Online (FIDO)-based authentication. FIDO defines a set of open mechanisms for strong password-less authentication and is pushed by the FIDO Alliance – see the following URL for more information on FIDO: https://fidoalliance.org/about/overview/. More Windows 10 Microsoft Passport details can be found here: https://technet.microsoft.com/en-US/library/mt126165.aspx.