1. Latest News
  2. Submit Press Release

Windows 8 Picture Password and PIN Authentication Have a Serious Flaw

Passcape Software has discovered a serious problem with the Picture password and PIN authentication methods in the upcoming release of Windows 8. Use them with caution, experts warn.

PRLog - Oct. 9, 2012 - Breaking new ground, Windows 8 boasts improvements in signing in to the system. The developers have not only made it more secure and faster (especially for touch-screen gadgets), but also more pleasant. It is no secret that the majority of users prefer simple numeric passwords or just do without them all together, thereby increasing the risk of hacking. Windows 8 next generation graphical login is neither time-consuming, nor forgettable. Users select a favorite image from their gallery of photos and a set of gestures, which appear over the image. The password is so personal and perfect for touch-screens, that signing in is even enjoyable.

The picture password is now being tested in the pre-release version for developers. In September, though, some drawbacks of the new authentication method were reported by Passcape Software. The picture password had seemed invulnerable, because whoever tries to guess it must know how and what parts of the image to choose, and in addition, the gesture sequence. However, security experts from Passcape discovered that such a unique password is based on a regular account. A user should first create a regular password-based account and then optionally switch to the picture password or PIN authentication. Notably, the original plain-text password to the account is still stored in the system and any local user with Admin privileges can decrypt the text passwords of all users whose accounts were set to a PIN or picture password. In this regard, the picture/PIN login cannot be considered the sole reliable means of ensuring data security against cracking.

Experts warned that users should not only rely on the security of the picture password. It is difficult to break, they agreed, but it is necessary to take additional measures to protect the original text password. Moreover, the text password can still be used to log in to the system, so perfect security in Windows 8 is still an issue for further innovations.

More information about the picture password vulnerability can be found on Passcape┬┤s blog:

Company web-site: http://www.passcape.com/

--- End ---

Click to Share

Contact Email:
***@softpressrelease.com Email Verified
Location:Russian Federation
Tags:windows 8, data security, computer security, password authentication
Verified Account Email Address
Verified Account Phone Number

Disclaimer:   Issuers of the press releases are solely responsible for the content of their press releases. PRLog can't be held liable for the content posted by others.   Report Abuse

Latest Press Releases By “


Trending News...

Like PRLog?
Click to Share