Keeping your PC secured is number one priority for anybody. Privacy, important Data or the idea that “this PC belongs to me” are some of the reasons. What comes haunting post this, are complex passwords and pins. Companies haven been trying to simplify this because people want it secure, but they also want it convenient, when it comes to unlocking. Right from Fingerprint sensors to Windows Hello.
Well, we are still lazy, and thanks to the futuristic movies, we want our PC to be unlocked when they feel our presence. We are on our way to that, and Microsoft has published a document which talks about Companion Device Framework. This technology allows you to unlock your device when a companion device like a Smart Band, Phone or any hardware is around your PC.
That said, the mechanism isn’t that simple. A simple password exchange between PC and the device is not what Microsoft wants to implement. After all its about security. This Companion Device Framework is implemented as a service running on Windows This service is responsible for generating an unlock token which needs to be protected by an HMAC key stored on companion device. This guarantees that access to the unlock token requires companion device presence. Per each (PC, Windows user) tuple, there will be a unique unlock token.
Once your PC knows that a companion device is in place, it just won’t unlock your PC unless it knows that its actually you. What happens if you forgot your Phone around your PC? It will way to easy for anybody to unlock it. This is where the User signals comes in place. The companion device might, for instance, need a PIN before it can be used for unlocking PC (not to be confused with PC PIN), or it might require press of a button.
Can any app developers make this companion app? Answer is no. The Companion Device Framework is a specialized feature not available to all app developers. To use this framework, your app must be specifically provisioned by Microsoft and list the restricted secondaryAuthenticatorFactor capability in its manifest. To get approval, contact [email protected].
Microsoft is also supporting devices which come with Biometric. Like any phone, including Android with Fingerprint sensor or such as Lumia 950 XL with Windows Hello can act as user signal to unlock the PC.
You can read in much detail here