Blog
- 11
- Jun 2019
Microsoft Goes Passive on Passwords
Microsoft recently announced it will not enforce password policies that require you to change your Windows password periodically. One reason is that most passwords and password changes are pathetic. Microsoft’s Windows Hello can eliminate some password requirements now, and it will eliminate more as website owners and developers catch on. Right now, it’s available for Windows 10 Home and Business users.
Windows Hello logs you into your Windows devices three times faster than a password, using your camera to recognize your face or a fingerprint reader. Just to put you at ease from the start, you can always keep your PIN as a backup.
Windows Hello addresses our biggest concerns with passwords:
- Because strong passwords can be difficult to remember, many of us reuse passwords on multiple websites. If your password is hacked and works on one site, you can bet that cybercriminals will use it on every site they know you visit.
- Server breaches can expose symmetric network credentials, which is a technical term for passwords.
- Passwords are subject to replay attacks, which happen when an attacker copies a stream of messages between two parties and replays the stream to one or more of the parties. Consequences can include redundant orders of an item.
- Users can inadvertently expose their passwords due to phishing attacks.
We’ve cited all of them in one way or another when discussing the need to be extremely careful about what you click on a website or in an email.
Right now, Windows Hello lets you authenticate access to:
- A Microsoft account
- An Active Directory account
- A Microsoft Azure Active Directory (Azure AD) account
- Identity Provider Services or Relying Party Services that support Fast ID Online (FIDO) v2.0 authentication, which is now an official web standard for making the web more secure – and usable – for users around the world
The last item in that list will be the key to implementing better security for everyone who has a presence on the internet. Even though we have a way to go before it’s fully implemented, Hello can give you a head start.
After an initial two-step verification during enrollment, Hello is set up on your device. Windows asks you to set a gesture, which can be a biometric, such as a fingerprint, or a PIN, which Windows uses through Hello to authenticate users. It works across all Windows 10 devices. Individuals can create a six-digit PIN or a biometric on their personal devices. Unlike the business application, it is not backed by a public/private key or certificate-based authentication, but it’s still more secure than passwords.
PINs provide better security because you still need the device to access websites – or ATMs. Someone may know your number, but unless they have your device or ATM card, they can’t get access.
For businesses, we’ll help you set up Hello for your organization, including setting policies to help you manage access to computers and mobile devices. This will eliminate the practice of employees in an office putting their passwords on sticky notes that they attach to monitors. (Did you ever stop to think that anyone in your cleaning service can empty your data files as easily as they empty your trash cans?)
In our opinion, Hello is the most compelling reason to update your Windows 10 operating system or upgrade from Windows 7 to Windows 10. Again, we can’t over-emphasize that Microsoft will discontinue its technical support for Windows 7 in February 2020, and that will leave security holes in an already out-of-date, obsolete OS.
Windows 10 will step you up to the next level of security and protection and put you on track to take advantage of advances as they happen. Technology changes fast, and security improvements are always significant. Call us – 973-433-6676 – or email us to talk about upgrading to Windows 10 or adding Hello to your personal or business systems.
Categories
Comments
Recent Posts
Recent Comments
- D. J. Hawkins on Health Wearables in Style at CES
- Allan Berger on Tech Preps for Trips
- Stan Schnitzer on We’re Not Neutral on Net Neutrality
- Allan Berger on Equifax and Protecting Your Identity
- Michael L. on Brave New Wireless World
Archives
- December 2024
- November 2024
- October 2024
- September 2024
- July 2024
- June 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- June 2022
- May 2022
- April 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- July 2017
- June 2017
- May 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- June 2016
- May 2016
- April 2016
- March 2016
- February 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012