The Problem With Windows 8's Picture Password 206
alphadogg writes "The Windows 8 feature that logs users in if they touch certain points in a photo in the right order might be fun, but it's not very good security, according to the inventor of RSA's SecurID token. 'It's cute,' says Kenneth Weiss, who now runs a three-factor authentication business called Universal Secure Registry. 'I don't think it's serious security.' The major downside of the picture password is that drawing a finger across a photo on a touch screen is easy to video record from a distance — making it relatively easy to compromise, he says."
Re:In other news (Score:5, Funny)
All that said, I think it’s a pretty stupid feature ;p
Ah, but if you imagine goatse as the login photo...how brilliant is that?
cheers,
Windows 8 security sucks, but... (Score:5, Funny)
How many memorable ways can one gesture a photo? (Score:5, Funny)
So QUERTY becomes "Head, Shoulders, Knees and Toes". I'm guessing in many cases that the picture itself would suggest how it was to be interacted with.
Re:How many memorable ways can one gesture a photo (Score:5, Funny)
Re:Unlike any other authentication... (Score:3, Funny)