September 3rd, 2024

Enhancing your Visual Studio authentication experience

Ruben Rios
Senior Program Manager

The current cyber security climate demands that applications not only provide outstanding features but also prioritize the security of user data. Applications like Visual Studio rely on token-based authentication to access resources on your behalf. While effective, token-based authentication can be susceptible to attacks if not properly protected. Today, we are happy to announce that starting with the Visual Studio 17.11 update, we are helping better protect your credentials by making the Windows authentication broker, also known as WAM (Web Access Manager), the default authentication method for Visual Studio 2022.

A screenshot of a computer

Description automatically generated

Benefits of Using WAM

Enhanced Security

One of the most significant advantages of WAM is the enhanced security it offers you. By supporting conditional access policies that create a cryptographically secure tie between the token and your device, WAM helps mitigate common vulnerabilities associated with token-based authentication. In addition, WAM can leverage rich OS capabilities such as Windows Hello & FIDO (Fast ID Online) keys to streamline your experience while helping ensure your credentials are better protected against bad actors.

Simplified User Experience

Beyond enhancing your security, WAM seamlessly integrates with the Windows account infrastructure, helping to provide you with a consistent and reliable authentication experience across your applications.

This integration helps reduce the overall number of authentications prompts you see inside Visual Studio and allows you to leverage your accounts without having to remember and constantly re-enter your credentials.

Getting started with WAM

To begin leveraging the benefits of WAM, ensure that your Visual Studio is updated to version 17.11 or later. Once updated, WAM will be enabled by default, and you can start experiencing the enhanced security and productivity it offers.

You can validate that WAM is enabled by opening the Accounts settings under Tools > Options:

Select web authentication broker from the dropdown.

Check our docs for additional details regarding using WAM inside Visual Studio 2022.

Let us know about your experience

We continue to prioritize the security and usability of Visual Studio and are committed to providing the tools and resources you need to build secure, high-performing applications.

We look forward to sharing more about what’s next for security. In the meantime, we hope that you enjoy the new WAM authentication experience in Visual Studio and that it makes your development workflow more productive.

If you experience any issues or have feedback, please let us know by using the Report a Problem tool in Visual Studio or by posting on the Developer Community or in the comments below. We value your input, and we are always working to improve Visual Studio based on your needs and suggestions.

Thank you for using Visual Studio and happy coding!

Author

Ruben Rios
Senior Program Manager

Ruben is a Program Manager on the Visual Studio IDE platform team. During his time at Microsoft, he’s helped build tools and services for web & mobile devs in both Visual Studio and the Microsoft Edge F12 dev tools. Before joining Microsoft, he was a professional web developer and has always been passionate about UX.