from the guy-with-a-video-camera-also-a-threat dept.
alphadogg writes "The Windows 8 feature that logs users in if they touch certain points in a photo in the right order might be fun, but it's not very good security, according to the inventor of RSA's SecurID token. 'It's cute,' says Kenneth Weiss, who now runs a three-factor authentication business called Universal Secure Registry. 'I don't think it's serious security.' The major downside of the picture password is that drawing a finger across a photo on a touch screen is easy to video record from a distance — making it relatively easy to compromise, he says."
"No, no, I don't mind being called the smartest man in the world. I just wish
it wasn't this one."
-- Adrian Veidt/Ozymandias, WATCHMEN