Microsoft States It's Time to Kill Off the Password

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Jan 2, 2018.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    37,005
    Likes Received:
    6,077
    GPU:
    AMD | NVIDIA
  2. JonasBeckman

    JonasBeckman Ancient Guru

    Messages:
    16,045
    Likes Received:
    1,943
    GPU:
    AMD S. 5700XT Pulse
    Error?

    Although I can understand having fingerprint, iris or face scan as a alternative if the system supports the tech, nothing wrong with having both though but obviously the password needs to be something besides abc123 and common terms ha ha.
     
  3. anticupidon

    anticupidon Ancient Guru

    Messages:
    4,589
    Likes Received:
    1,151
    GPU:
    Polaris/Vega/Navi
    Hilbert,the link points to no article.
    I google it, and there are several sources to that title.
    Ok, now on the topic .
    Microsoft, by saying that impllies that you ought to use Windows 10,right?And Windows Hello was a few days ago fooled by a photo by SYS german security firm.I am not saying that this will stay that way and it will be improved, but opens a new can of worms:
    What if:
    I use my computer and my spouse on the same accoount?
    Do i need to change my shaving habits in order to be accepted by Hello?
    I may add facial tatoo or body piercings, or suffered facial wounds/scars, will it be accepted, or go back to the old deprecated password?

    i can image this scenario: get a good photo of someone from social network, 3d print it, and fool Windows Hello.
     
  4. mbk1969

    mbk1969 Ancient Guru

    Messages:
    8,580
    Likes Received:
    5,479
    GPU:
    GeForce GTX 1070
    We can add work in room without lights. Will facial recognition work in the dark room?
     

  5. Thalyn

    Thalyn Member Guru

    Messages:
    113
    Likes Received:
    7
    GPU:
    ASUS Strix GTX 980 DCU2
    Any for of biometrics which works off a stationary input (facial recognition and fingerprints, typically) should not be used as a password. After all, the worst password you can ever have is one you leave/show everywhere and pretty much cannot change. These are, at best, user names.

    Passwords need to be something which requires a living subject to be present, or at least something which can be easily altered in the event you become compromised.
     
    airbud7, Evildead666 and mbk1969 like this.
  6. foxx1337

    foxx1337 Member

    Messages:
    13
    Likes Received:
    3
    GPU:
    MSI Vega 56 AB OC
    This, one thousand times. The face/fingerprint/iris/blood is the USERNAME and not the password. You would expect that someone from their "top 1% talent" in there would have had that common sense already, or maybe it's the project managers' idea and maybe those guys come from the toilet of intellectuality instead of the 1%...
     
    RzrTrek and Evildead666 like this.
  7. mbk1969

    mbk1969 Ancient Guru

    Messages:
    8,580
    Likes Received:
    5,479
    GPU:
    GeForce GTX 1070
    As I take it MS adopted Agile and Scrum, so they have no project managers. They are feature owners and scrum masters now.
     
    Last edited: Jan 2, 2018
  8. Evildead666

    Evildead666 Maha Guru

    Messages:
    1,281
    Likes Received:
    265
    GPU:
    Vega64/EKWB/Noctua
    100% Agree.

    Biometrics is a Username, NOT a password.
    It identifies you, it cannot be used as a password, as it cannot be revoked or changed.
     
  9. RzrTrek

    RzrTrek Ancient Guru

    Messages:
    2,358
    Likes Received:
    640
    GPU:
    RX 580 ❤ MESA 19.2
    That would make more sense, but then again, with all of the data mining going on, I rather not have them sell my fingerprints to the authorities.
     
  10. bigfutus

    bigfutus Master Guru

    Messages:
    524
    Likes Received:
    44
    GPU:
    MSI GTX 1080 Ti
    Microsoft go home you're drunk.
     

  11. schmidtbag

    schmidtbag Ancient Guru

    Messages:
    4,699
    Likes Received:
    1,504
    GPU:
    HIS R9 290
    Is MS trying to commit suicide? How are their people so blind to the fact that this is going to heavily backfire?

    I never thought about biometrics as just the username, but that is a good idea. As I've said before, facial recognition makes for terrible security, as do iris scanners and the touch-based fingerprint readers. Swiping fingerprint readers can be ok, as long as the device doesn't have glossy surfaces where your fingerprint can easily be extracted. Retinal scanners ought to be pretty safe, but, they're also inconvenient to the user. But if you use these things as a way to just simply identify yourself, that could be a good idea.

    EDIT:
    I wonder if having proper facial recognition in addition to simultaneous fingerprint scanning would make for decent security. It's not difficult to spoof one, but you have to be really prepared to spoof both at the same time.
     
  12. D3M1G0D

    D3M1G0D Ancient Guru

    Messages:
    2,071
    Likes Received:
    1,331
    GPU:
    2 x GeForce 1080 Ti
    Biometrics is undoubtedly useful. I use facial recognition on my Surface Pro 4, and I also use my fingerprint and/or iris to log into my phone (I only use the passcode after a restart, and only because it forces me to). It's a lot faster, more convenient, and it's probably more secure as well.

    The fact is, most people use simple, common passwords, and never really change them. I too don't want to bother with remembering passwords, which is why I use a password manager. Biometrics will probably be a lot more secure overall (it's not entirely foolproof, but what is?).
     
  13. schmidtbag

    schmidtbag Ancient Guru

    Messages:
    4,699
    Likes Received:
    1,504
    GPU:
    HIS R9 290
    Useful, yes. Faster, debatable. Convenient, definitely. More secure, absolutely not (assuming you don't use idiotic passwords).

    For the average layman on an everyday basis, sure, biometrics is probably a better route. But for anyone who cares about security, having a complex and lengthy password is more foolproof than your fingerprint, face, iris, voice, or DNA. Once you get to around 10 characters, a password isn't worth brute-force cracking anymore. Remember - just because the computer doing the hacking could potentially crack the password in a matter of hours, it's the receiving end that has to handle all those requests. So, it could still take a lifetime to crack such a password.
     
  14. Clouseau

    Clouseau Ancient Guru

    Messages:
    2,441
    Likes Received:
    272
    GPU:
    ASUS STRIX GTX 1080
    And in the near future...some individuals will be walking around with an eye patch and a missing index finger or hand.

    Tin Foil Hat time... it all about having finger prints and facial features at the ready to convict anyone at the authority's leisure (trumped up charges).

    Reality wise, this is all just a matter of time. Just think it ridiculous that a home computer used for casual use needs such security measures.
     
  15. cowie

    cowie Ancient Guru

    Messages:
    13,205
    Likes Received:
    299
    GPU:
    GTX
    we will all have to like whatever ms says anyways
    I still do think a 15 year old with a picture of the user and a basketball will hack the crap out of it.
    pretty soon it wont be just them stealing your ID but your eyeballs fingers and other body parts
     

  16. RealNC

    RealNC Ancient Guru

    Messages:
    3,131
    Likes Received:
    1,355
    GPU:
    EVGA GTX 980 Ti FTW
    Maybe it's time to kill off Microsoft.
     
  17. kruno

    kruno Master Guru

    Messages:
    258
    Likes Received:
    70
    GPU:
    4890/1
    Actually you want scary story ..., it already happened,years ago Mercedes introduced their new lock on new top of the line Merc's that could be opened just with owners fingerprints.It was couple years ago so i don't remember all of details of the story (year when it happened ..),but story goes that some thieves in Malaysia cut owners hand to get Mercedes since there was no keys to unlock and start car just owner's fingerprints.That story was huuuge years ago.
     
  18. JTBIRCH

    JTBIRCH New Member

    Messages:
    3
    Likes Received:
    0
    GPU:
    16GB Corsair Vengance
    Although not really mentioned, this ability was added not so long ago..
    Multi-factor device unlock
    https://blogs.technet.microsoft.com...ay-from-passwords-deploy-windows-hello-today/

    IMO at the end of the day, not all users are using passwords appropriately, organisations I've worked with are trying to curb this attitude by making authentication simpler / encouraging passphrases over passwords however password resets still make up a huge portion of service desk calls - This hasnt been limited to 1 or 2 companies but almost all I've worked with. Its up to the organisations to decide between Usability and Security however I think Microsoft are giving them some genuinely useful solutions.
     
  19. Prince Valiant

    Prince Valiant Master Guru

    Messages:
    700
    Likes Received:
    61
    GPU:
    EVGA GTX 1080 ti
    No substitute for a strong password, especially if you change it consistently.
     
  20. kegastaMmer

    kegastaMmer Master Guru

    Messages:
    300
    Likes Received:
    30
    GPU:
    strix 1070 GTX
    on a side note, for the not so savvy reading this thread, please change your passwords from <countryname>1234, <mother'sname>2345 , <verycommonnames>1234 to something easy to remember but not easy to crack, for eg. " y0ud0n0tm3s5w1thth3z0hAn " or "wh3n_3v3ry0n3_n33d5_2_c0m3_1_n33d_2_kum"
     

Share This Page