The current cyber security climate demands that applications not only provide outstanding features but also prioritize the security of user data. Applications like Visual Studio rely on token-based authentication to access resources on your behalf. While effective, token-based authentication can be susceptible to attacks if not properly protected. Today, we are happy to announce that starting with the Visual Studio 17.11 update, we are helping better protect your credentials by making the Windows authentication broker, also known as WAM (Web Access Manager), the default authentication method for Visual Studio 2022.
Benefits of Using WAM
Enhanced Security
One of the most significant advantages of WAM is the enhanced security it offers you. By supporting conditional access policies that create a cryptographically secure tie between the token and your device, WAM helps mitigate common vulnerabilities associated with token-based authentication. In addition, WAM can leverage rich OS capabilities such as Windows Hello & FIDO (Fast ID Online) keys to streamline your experience while helping ensure your credentials are better protected against bad actors.
Simplified User Experience
Beyond enhancing your security, WAM seamlessly integrates with the Windows account infrastructure, helping to provide you with a consistent and reliable authentication experience across your applications.
This integration helps reduce the overall number of authentications prompts you see inside Visual Studio and allows you to leverage your accounts without having to remember and constantly re-enter your credentials.
Getting started with WAM
To begin leveraging the benefits of WAM, ensure that your Visual Studio is updated to version 17.11 or later. Once updated, WAM will be enabled by default, and you can start experiencing the enhanced security and productivity it offers.
You can validate that WAM is enabled by opening the Accounts settings under Tools > Options:
Check our docs for additional details regarding using WAM inside Visual Studio 2022.
Let us know about your experience
We continue to prioritize the security and usability of Visual Studio and are committed to providing the tools and resources you need to build secure, high-performing applications.
We look forward to sharing more about what’s next for security. In the meantime, we hope that you enjoy the new WAM authentication experience in Visual Studio and that it makes your development workflow more productive.
If you experience any issues or have feedback, please let us know by using the Report a Problem tool in Visual Studio or by posting on the Developer Community or in the comments below. We value your input, and we are always working to improve Visual Studio based on your needs and suggestions.
Thank you for using Visual Studio and happy coding!