How much of a security boost will Windows 8's gesture based "password" provide?


The idea of using finger movements to log to tablet PCs seems interesting, even as it makes me think of something I would see on an old episode of Star Trek. The way it works, as I understand it, is that users choose a photo and then make a series of finger movements like circles and lines on the appropriate place of the photo in a set sequence instead of picking a password. In light of how common the use of "password" is as a password, I can't help but think this will be an improvement to some users. Do you think that it will be a benefit to those of us that use more secure passwords, or is this gesture based login of primary benefit to those with extremely weak passwords? I mean, sure, my "1234asdf" password is awesome, but.....

Topic: Security
Answer this Question


2 total
Vote Up (20)

Well, what's to stop users from using the easiest gestures imaginable? As you pointed out some people are lazy and use the most obvious things for their passwords. Will there be gesture equivalents of this?

And will there be ways to hack or otherwise get around these gestures? I suspect there will be at some point. So perhaps it will just end up being a moot point as far as long term security goes?

Boy, I sound a bit cynical here don't I? Heh, heh. Maybe I've been around too long and I just tend to roll my eyes at the latest & greatest security mechanisms. Time will tell on this, I suppose.

But a lazy user is still a lazy user, whether they use gestures or passwords.

Vote Up (19)

Well, I do like the idea of picking out a photo that lets me poke my mother-in-law in the eye then draw a smilie face on myself each time I want to log on.  (I kid, I kid, I actually like my mother-in-law).  As was noted, there are so many users that have passwords that make me cringe and are so weak they might as well not use one, so ANY improvement will be welcome.  I know that some people have concerns that someone could look over your shoulder and memorize log in gestures, but I don't see that as being much more of a risk than someone peeking at you type in your password.  What I am curious about is whether this gesture based login will extend to applications, and if so, I think it is a step forward for tablet security.

Ask a question

Join Now or Sign In to ask a question.
IBM has added to its security software portfolio with the purchase of Italian access control and identity management firm CrossIdeas for an undisclosed sum, the companies said Thursday.
A group of attackers with links to the Chinese hacking underground has been targeting companies from the entertainment and video game industries for years with the goal of stealing source code.
After years of cajoling their users into sharing every thought, emotion and selfie, online firms are seeing that providing more private online spaces might also be profitable.
Linux’s creator goes on another epic rant
A zero-day flaw in a software driver in Symantec's widely used Endpoint Protection product may be tricky to fix.
A security audit of 10 popular Internet-connected devices -- components of the so-called "Internet of things" -- identified an alarmingly high number of vulnerabilities.
It's generally accepted that antivirus programs provide a necessary protection layer, but organizations should audit such products before deploying them on their systems because many of them contain serious vulnerabilities, a researcher warned.
The secure mobile vendor wants to be more secure.BlackBerry plans to buy a German vendor specializing in voice encryption.
The EU court ruling that gives people the "right to be forgotten" by search engines is misguided in principle and unworkable in practice, said a U.K. House of Lords subcommittee Wednesday.
An open-source project has released the first free application for the iPhone that scrambles voice calls, which would thwart government surveillance or eavesdropping by hackers.