Microsoft Security announcements and demos at Authenticate 2024

session title

Session Description

hour

Password Keys for Windows: Paving the Way to a Seamless Future!

UX Basics

Explore the future of secret key authentication in Windows. Explore an enhanced UX powered by Microsoft AI and designed to deliver a seamless experience across platforms. Please join us in paving the way to a password-free world.

speaker:

Sushma K. Senior Program Manager, Microsoft

Ritesh Kumar Software Engineer, Microsoft

October 14th

12:00 – 12:25 PM

Passkeys in Windows: A new platform feature

Technical Basics and Features

This is an exciting year to bring great password features to Windows users. In this session, we will discuss the new features for synchronized secret keys protected by Windows Hello and explore the plug-in model for third-party secret key providers to integrate with the Windows environment. Taken together, these features make it easier for users to use their secret keys whenever they need them, with the experience, flexibility, and durability that users have come to expect when using secret keys in Windows.

speaker:

Bob Gilbert Software Engineering Manager, Microsoft

October 14thDay

2:30 – 2:55 PM

We love encryption keys. But how can you convince billions of users?

keynote

It is clear that cryptographic keys will be a key component of a passwordless future. The usability and security benefits are clear. What’s not clear is how to actually convince billions of users to break away from their decades-old relationship with their passwords and switch to something new. Join us as we share insights on how to accelerate adoption as user, platform, and application requirements continue to evolve. Messaging, security implications,

Learn how going passwordless changes the concept of account recovery.

speaker:

Scott Bingham Senior Product Manager, Microsoft

Sangeeta Ranjit Group Product Manager, Microsoft

October 14thDay

5:05 – 5:25 p.m.

Stop calculating actors… Start describing authentication events

vision and future

Because passwords don’t provide enough security, we’re starting to deploy multi-factor authentication. More elements ensure more security. Right? Yes, but authentication attacks such as credential stuffing and phishing continue to occur! The identity industry needs to stop thinking about the quantity of authentication factors and start thinking about the nature of authentication events. As we move into the era of cryptographic keys, it is time to consider how to describe the properties of authentication events. In this talk, we will show how identity providers and relying parties can deliver a consistent and configurable set of authentication properties. To raise the security bar and provide accountability, these properties must communicate not only the authentication event, but also the security primitives that underlie the event itself. These properties can be used to make authentication and authorization decisions in standalone and federated environments, ensuring that security controls are applied clearly and consistently.

speaker:

Pamela Dingle Director of Microsoft Identity Standards

Dean H. Saxe Chief Engineer, Beyond Identity CTO Office

October 16thDay

10:00 – 10:25 AM

Import your password key to your passwordless journey

corporate encryption key

While most enterprise customers are deploying or plan to deploy some form of passwordless credentials in the next few years, the industry is abuzz with anticipation for password keys. What do secret keys mean for your organization’s passwordless journey? Join the Microsoft Entra identity product team as we explore the impact of secret keys on the passwordless ecosystem and share insights from Microsoft’s own secret key implementations and customer experiences.

speaker:

Tim Larson – Senior Product Manager, Microsoft Identity Network and Access Security

Michael Epping – Senior Product Manager at Microsoft

October 16thDay

11:00 AM – 11:25 AM