The US Government has forced Microsoft to put its Passport Internet authentication system through regular security checks for the next two decades. The move came after the Federal Trade Commission (FTC) concluded that Microsoft had misled users over how well it protected their personal details.
The FTC launched its investigation into Passport following a series of complaints made against it last summer.
Passport is an online service that makes it possible for customers to use their e-mail address and password to sign in to any Passport-participating Web site or service. However it has raised many security and privacy concerns, some of which the FTC agreed with.
The FTC claims the settlement prohibits Microsoft from misrepresenting its privacy and security practices. It also requires Microsoft to establish a program to protect the security, confidentiality and integrity of its customers’ personal information. Microsoft is bound by the agreement for 20 years, and must undergo independent audits every two years to comply with the agreement.