When Microsoft’s Windows 10 launches Wednesday, a lucky few users will be greeted at the login screen by a cartoon eyeball that appears to want to lock eyes with its owner. Do so, and it will activate a 3-D face scan that signs in users in seconds, no password required. The Windows team calls this snappy new login feature “Hello.”
“It’s our way of saying goodbye to passwords,” says Chaitanya Sareen, Microsoft’s principal program manager on Windows. Judging by Sareen’s recent demonstration to TIME, the feature is even more seamless than the iPhone’s thumb scanner — you don’t even have to lift a finger to use it.
“It’s actually using different dark and light shadows on the contours of my face,” says Sareen. “If it was pitch dark it would still sign me in.” That’s because Hello works with Intel’s Real Sense 3-D camera, which bathes the user’s face in infrared light, penetrating facial hair and dim lighting conditions.
Naturally, face scanning devices raises privacy concerns. Microsoft says facial data, like fingerprint and thumbprint data, is encrypted and stored locally on the device. At no point will it ever lift off into the cloud, according to Sareen. “Even if a hacker got [the data], you could still not reverse engineer my face, my fingerprint or my iris.”
Should those security claims stand the test of time, biometric logins could offer a more secure alternative to passwords, which are often still shockingly easy to crack. The most commonly used password among victims of cybertheft alternates between “password” and “123456,” according to cybersecurity firm SplashData.
But don’t bid farewell to your passwords just yet. For now, Windows 10’s Hello feature will only be available on devices that come equipped with Intel’s camera. That’s a paltry list of 11 devices so far, plus another four only available in Japan. Microsoft says it’s prodding hardware manufacturers to broaden the selection of devices equipped with 3D cameras, though the price of the technology may prove prohibitively expensive to budget shoppers. In other words, the hardware will take some time to catch up with the software before users can kiss their passwords goodbye.