Microsoft States It's Time to Kill Off the Password
Click here to post a comment for Microsoft States It's Time to Kill Off the Password on our message forum
JonasBeckman
Error?
Although I can understand having fingerprint, iris or face scan as a alternative if the system supports the tech, nothing wrong with having both though but obviously the password needs to be something besides abc123 and common terms ha ha.
anticupidon
Hilbert,the link points to no article.
I google it, and there are several sources to that title.
Ok, now on the topic .
Microsoft, by saying that impllies that you ought to use Windows 10,right?And Windows Hello was a few days ago fooled by a photo by SYS german security firm.I am not saying that this will stay that way and it will be improved, but opens a new can of worms:
What if:
I use my computer and my spouse on the same accoount?
Do i need to change my shaving habits in order to be accepted by Hello?
I may add facial tatoo or body piercings, or suffered facial wounds/scars, will it be accepted, or go back to the old deprecated password?
i can image this scenario: get a good photo of someone from social network, 3d print it, and fool Windows Hello.
mbk1969
We can add work in room without lights. Will facial recognition work in the dark room?
foxx1337
This, one thousand times. The face/fingerprint/iris/blood is the USERNAME and not the password. You would expect that someone from their "top 1% talent" in there would have had that common sense already, or maybe it's the project managers' idea and maybe those guys come from the toilet of intellectuality instead of the 1%...
mbk1969
Evildead666
RzrTrek
bigfutus
Microsoft go home you're drunk.
schmidtbag
Is MS trying to commit suicide? How are their people so blind to the fact that this is going to heavily backfire?
I never thought about biometrics as just the username, but that is a good idea. As I've said before, facial recognition makes for terrible security, as do iris scanners and the touch-based fingerprint readers. Swiping fingerprint readers can be ok, as long as the device doesn't have glossy surfaces where your fingerprint can easily be extracted. Retinal scanners ought to be pretty safe, but, they're also inconvenient to the user. But if you use these things as a way to just simply identify yourself, that could be a good idea.
EDIT:
I wonder if having proper facial recognition in addition to simultaneous fingerprint scanning would make for decent security. It's not difficult to spoof one, but you have to be really prepared to spoof both at the same time.
D3M1G0D
Biometrics is undoubtedly useful. I use facial recognition on my Surface Pro 4, and I also use my fingerprint and/or iris to log into my phone (I only use the passcode after a restart, and only because it forces me to). It's a lot faster, more convenient, and it's probably more secure as well.
The fact is, most people use simple, common passwords, and never really change them. I too don't want to bother with remembering passwords, which is why I use a password manager. Biometrics will probably be a lot more secure overall (it's not entirely foolproof, but what is?).
schmidtbag
Clouseau
And in the near future...some individuals will be walking around with an eye patch and a missing index finger or hand.
Tin Foil Hat time... it all about having finger prints and facial features at the ready to convict anyone at the authority's leisure (trumped up charges).
Reality wise, this is all just a matter of time. Just think it ridiculous that a home computer used for casual use needs such security measures.
cowie
we will all have to like whatever ms says anyways
I still do think a 15 year old with a picture of the user and a basketball will hack the crap out of it.
pretty soon it wont be just them stealing your ID but your eyeballs fingers and other body parts
RealNC
Maybe it's time to kill off Microsoft.
kruno
JTBIRCH
https://blogs.technet.microsoft.com/mmpc/2017/10/23/move-away-from-passwords-deploy-windows-hello-today/
IMO at the end of the day, not all users are using passwords appropriately, organisations I've worked with are trying to curb this attitude by making authentication simpler / encouraging passphrases over passwords however password resets still make up a huge portion of service desk calls - This hasnt been limited to 1 or 2 companies but almost all I've worked with. Its up to the organisations to decide between Usability and Security however I think Microsoft are giving them some genuinely useful solutions.
Although not really mentioned, this ability was added not so long ago..
Multi-factor device unlock
Prince Valiant
No substitute for a strong password, especially if you change it consistently.
kegastaMmer
on a side note, for the not so savvy reading this thread, please change your passwords from 1234, 2345 , 1234 to something easy to remember but not easy to crack, for eg. " y0ud0n0tm3s5w1thth3z0hAn " or "wh3n_3v3ry0n3_n33d5_2_c0m3_1_n33d_2_kum"
RealNC
This is a bit sinister, but I wonder what MS would have to say about the case where law enforcement could illegally use physical violence to force you to unlock a device by putting your finger on the scanner against your will.
This doesn't work with a password and they need to go through the proper procedures to legally order you to unlock the device.
If I put my tinfoil hat on, I'd say MS is doing government agencies some favors here. The only reason I don't put that hat on, is that these devices have so many backdoors anyway, they don't actually need you to unlock it 😛
D3M1G0D