Skip to navigation

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.

// Home / Blogs

Posted on June 29th, 2010 by Jon Honeyball

Please, Microsoft, let Windows 8 banish passwords

Password SecurityFor me, the most important part of the recent leak of Windows 8 material (assuming it is real, of course) is the use of facial recognition to do login authentication. We know that passwords are a pain in the bum of sysadmins all over the world. Of course, we enforce all kinds of things to attempt to make them more secure — forcing regular changes, disallowing certain words and patterns, ensuring passwords can’t be reused too quickly and so forth.

But the simple fact is that passwords are mediocre at best, and wholly insecure at worst. We need something better. I’m quite a fan of smart cards and fingerprint readers — these seem to offer some good technology especially when you want to encrypt the hard disk. So powering up the machine without the smart card can, for example, scramble the hard disk contents.

But these solutions have been esoteric at best, and limited to the hard core security paranoid users. We need a much stronger solution which is right across the board. Now given that almost everything comes with a fairly decent webcam built in, it seems perfectly logical to use this as an authentication parameter, maybe in combination with a secondary authenticator for secure systems. Facial recognition is an obvious solution.

So I’m pleased to see this expressly mentioned as an authentication mechanism for Windows 8. Couple it to fingerprints too, and maybe we can banish passwords forever?

Tags: ,

Posted in: Rant, Real World Computing

Permalink

Follow any responses to this entry through the RSS 2.0 feed.

You can skip to the end and leave a response. Pinging is currently not allowed.

15 Responses to “ Please, Microsoft, let Windows 8 banish passwords ”

  1. David Says:
    June 29th, 2010 at 4:08 pm

    Let’s just hope someone doesn’t take a photo of you, easier than cracking a password ;)

     
  2. Steve Cassidy Says:
    June 29th, 2010 at 4:40 pm

    I am reminded of the Top Gear episode in Japan with Clarkson stampeding the motorways in a GT-R, equipped with a Bill Oddie facemask for the speed cameras…

     
  3. deetem Says:
    June 29th, 2010 at 9:03 pm

    Jon, FingerPrint recognition is built in to Windows 7…I use it daily to log on to my ThinkPad.

    But what i’m most impressed with in Win 7 is DirectAccess – i must save an hour or so per week by having an always on vpn connection rather than having to stick the old smartcard in and vpn’ in!

     
  4. AnonnyMuss Says:
    June 29th, 2010 at 10:34 pm

    What about others accessing a service when you’re not there? Plenty of instances of people sharing a user/pass for access to an account etc.

     
  5. Muck Says:
    June 29th, 2010 at 10:50 pm

    and I thought you were sick and tired of Windows..

     
  6. Tim Says:
    June 30th, 2010 at 10:01 am

    Just don’t let your evil twin know about it – though presumably facial recognition will pick up on his evil goatee.

     
  7. Matt Says:
    June 30th, 2010 at 10:49 am

    i have face login via my webcam on windows 7

     
  8. stokegabriel Says:
    June 30th, 2010 at 8:25 pm

    I just want all my data in one place PLEASE!! Why is this so difficult, what is the compelling reason to spread it about all over the place. It would just backing up all my important data SOOO much easier.
    Anyway Windows 8 will probably be no good, consider the facts.

    Win 95…Good
    Win 98…Crap
    Win 98SE…Good
    Win Me…Crap
    Win XP…Good
    Win Vista…Crap
    Win 7…Good
    Win 8… Place your bets!

    Notice a trend here?

     
  9. stokegabriel Says:
    June 30th, 2010 at 8:32 pm

    Of course in the interest of balance, Win 7 could really be considered Win Vista SE ( the clue is Vista is Win 6.0 and Win 7 is Win 6.1) in which case Win 8 could be good, and it’s Win 9 that you are going to have to worry about!

     
  10. David Wright Says:
    July 1st, 2010 at 7:39 am

    Stokegabriel, I would dispute your good/bad ratings. 98 was much better than 95, Me was bad, 2000 was good, XP was bad (it is what drove me to Linux), but Vista and 7 are huge improvements over XP!

    Anyway, back to the topic of recognition, I wrote a long reply yesterday, but it disappeared somewhere! :-S

    We currently use fingerprint recognition on some of our notebooks here (the newer ones have fingerprint scanners) and Windows 7.

    But the current system doesn’t use the fingerprint itself to identify the user, it uses a normal password, which is then associated with a specific set of fingerprints.

    That leads to problems, where the user gets used to using their finger to log themselves in, only to work on a different machine, with no reader, and suddenly have to use their password again, or they need to log into Exchange’s OWA pages on the road etc. 90% of the time, that leads to a password reset and showing them how to re-register their fingerprints with the new password…

    In fact, for a couple of users, I’ve given up and disabled the fingerprint recognition, because it is too much hassle!

    If the face recognition is to work, it needs to be universal – every device which connects to the network and every service which is available on the network, needs to use that face recognition, and the face recognition MUST BE the password, not a shortcut linked to the real password!

    That means that it must be rolled out to Symbian, Android, iOS and Windows mobilephones, Windows computers, intranet authentication etc. otherwise we will still be stuck with face recognition being a “GUI” onto the passwords “command line”…

     
  11. Peter McIntyre Says:
    July 1st, 2010 at 9:37 am

    Will your computer age gracefully along with your face? Will it forget things at the same rate? Become nostalgic for the past? Refuse to log you in on a bad hair day? What about breath recognition instead? Then it could send you to brush your teeth.

     
  12. Richard Stevens Says:
    July 4th, 2010 at 3:49 pm

    Some Dell laptops are already using this. I was trying to log into the laptop as admin, but it kept insisting I was my client and logging me in as him. I could have understood this if we even looked vagely similar.

     
  13. Arcavexx Says:
    July 6th, 2010 at 12:29 pm

    Another challenge arises (passed is a more fitting word) for the hackers.

    The main flaw is security. Like anything else, if YOU can get in, someone else can.

    The use of user-images, or faked images / generators is a potential workaround i would guess.

    What will happen when malware starts to attack biometric authentication systems? There will have to be a backdoor to retrieve data, because it wont be as easy as brute forcing a password

     
  14. Derek Clarke Says:
    August 12th, 2010 at 10:11 am

    Biometric security is notoriously easy to circumvent if you’re hard enough.

    Do your fingerprint systems look for an active pulse in that finger?

    Does your face recognition know how to tell the difference between an active living face and a decapitated head?

    Does your retina scan still pass a disembodied eyeball?

    I’m sorry, but please keep passwords – I don’t want to lose body parts when I could simply tell them the password before the torture :-)

     
  15. Tim Massey Says:
    October 11th, 2010 at 6:56 pm

    What about Remote Admin for servers – how is that going to happen if the server needs to see you to log on and you are on a different continent?

     

Leave a Reply

Spam Protection by WP-SpamFree

* required fields

* Will not be published

Authors

Categories

Archives

advertisement

SEARCH
SIGN UP

Your email:

Your password:

remember me

advertisement


Hitwise Top 10 Website 2010