Why Win8 Picture Password is Not Secure

Windows 8 includes a slick feature intended to make it easier to log in: Picture Password. You select a photo that will be displayed on the login screen and then setup a simple gesture that you “draw” on the image to login.

It makes quickly logging in easy, especially if you use strong passwords and you use a touch screen. And given Windows 8 pretty much requires you to link your Windows login to your Microsoft account you should use a strong password!

However, don’t be confused: Windows 8 Picture Password is not really secure and can easily be hacked. A picture is worth a 1000 words from our DELL XPS ONE 27:

picpass

It is pretty clear that the gesture to unlock is to draw a smiley face on Benny.

Of course on a non-touch screen where you’d use the mouse to draw the gestures this wouldn’t happen.

Cool feature, but understand the limitations.

© Charlie Kindel. All Rights Reserved.