Two-factor authentication will come baked into Windows 10

By Shawn Knight · 20 replies
Oct 24, 2014
Post New Reply
  1. Nary a day goes by that we don't hear about a new security breach in which million of credit cards or passwords are stolen. With Windows 10, Microsoft is addressing modern security threats during its development in hopes of offering...

    Read more
  2. Kibaruk

    Kibaruk TechSpot Paladin Posts: 3,286   +903

    For access to the computer I think it's a bit too much, of course depends on the type of computer, on one hand we have personal home usage, which to have a phone nearby or 2 step pin generation doesn't sound like too much trouble but imagine having to do an additional step everytime you come nearby or leave your computer at home to get a coffee or dunno.

    In case of corporative computers I feel it's something that should be implemented, maybe with U2F security keys for a matter of convenience along a pin.
  3. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 9,733   +3,706

    Devices fail! What happens when they are required for authentication and you no longer have the device? I hope there is an alternative for getting authenticated.
  4. Arris

    Arris TS Evangelist Posts: 4,730   +379

    I'm sure a version of the "Forgotten password?" reset via SMS/Email/Security question for MFA will be included. My phone is already registered with my banking app as an "authorized" device. When changing phone I had to authorize again with multiple passwords/security passwords. I now only require 3 letters from a pass phrase and the device(guessing it uses the MAC address) but it still allows for access over web browser via traditional multi factor authentication (password and 3 letters from pass phrase).
  5. Runt1me

    Runt1me TS Rookie Posts: 30

    How will this prevent code being run or exploited on an active account/machine?
    Praying on the secirity hysteria that microsoft/google et al themselves created, just so they can sniff and map networks and monetise our biometrics.
    Rule 1: never trust a liar.
  6. VitalyT

    VitalyT Russ-Puss Posts: 3,670   +1,957

    Throughout the history what MS-Windows has been doing to its users is what a woman does to a man.

    It starts to be obvious that Windows is female. After all, it is Ms.Windows.
  7. captaincranky

    captaincranky TechSpot Addict Posts: 13,025   +2,557

    Shhh! The next thing you know, we'll have to buy our computers a dishwasher before we can log on.....:oops:
  8. Yeah, Miss Windows always want your money only and you get nothing for it.
    Infinity endless invisible hole.
  9. dividebyzero

    dividebyzero trainee n00b Posts: 4,891   +1,264

    Given the etymology and historical context of Hysteria, your analogy actually works on a level I don't think you'd even contemplated.
    The Windows brand....a practical example of Semiotics and the Pavlovian response.
  10. TheBigFatClown

    TheBigFatClown TS Guru Posts: 684   +254

    Anything you can pass off as being good for the "consumer" when it's more for the seller of the goods and services is always a good thing...for the seller. This just probably means that you won't be able to stream a Hollywood Movie to your computer until it has verified your DNA sample.

    I had thought for a short while that I might actually want to install Windows 10. But with each passing day it seems the answer is more of a Hell no then maybe.

    I think Windows 7 was the last Microsoft operating system I am ever gonna stay with for good. Oh sure, I will poke at 8, prod 9, feel up 10, but that's probably all that will ever happen.

    But who knows. Maybe we haven't crossed over into the land of no return.
  11. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 9,733   +3,706

    I think we have. The fact that we continue to request options and continually confronted by those who would not be effected by the increased options, prove it. There is one thing worse than being classified as sheep, that's feeling as though you are being treated as cattle with no escape.*closesmouthinshame*
  12. hitoshianatomi

    hitoshianatomi TS Rookie

    The two-factor authentication, though not a silver bullet, could be reliable when it comes with a reliable password. 2 is larger than 1 on paper, but two weak boys in the real world may well be far weaker than a toughened guy. Physical tokens and phones are easily lost, stolen and abused. Then the password would be the last resort. It should be strongly emphasized that a truly reliable 2-factor solution requires the use of the most reliable password.

    Using a strong password does help a lot even against the attack of cracking the stolen hashed passwords back to the original passwords. The problem is that few of us can firmly remember many such strong passwords.  We cannot run as fast and far as horses however strongly urged we may be. We are not built like horses.

    At the root of the password headache is the cognitive phenomena called “interference of memory”, by which we cannot firmly remember more than 5 text passwords on average. What worries us is not the password, but the textual password. The textual memory is only a small part of what we remember. We could think of making use of the larger part of our memory that is less subject to interference of memory. More attention could be paid to the efforts of expanding the password system to include images, particularly KNOWN images, as well as conventional texts.
    Skidmarksdeluxe likes this.
  13. captaincranky

    captaincranky TechSpot Addict Posts: 13,025   +2,557

    Do us a favor, spare us the zen password drivel. Nobody really needs to understand why we can't remember long passwords, just that we need to write them down.

    FWIW, "picture passwords", would be the perfect thing for the infamous Fischer-Price GUI, that is Windows 8.
    Last edited: Oct 25, 2014
  14. jobeard

    jobeard TS Ambassador Posts: 11,170   +989

    Put on your Administrator Hat and consider:
    1. Even my laptop has three users + the one admin account. If each is created and initialized by different persons, biometrics would make it impossible to use RUNAS or to login on accounts other than your own.
    2. Using remote desktop connection to help a user with 2F may be equally inhibited unless the remote user can provide the 2F data.
    3. Users joining a domain may have problems with remote administration.
    If there's an alternative authentication for the above, then 2F is a failure in concept even before you boot the system
  15. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,274

    I use MS's 2 stage verification code and for the instance you stated above, you can still sign in using a previously issued code or you can get another code emailed to you. It's a hassle I know but rather safe than sorry.
    cliffordcooley likes this.
  16. ypsylon

    ypsylon TS Booster Posts: 114   +21

    Biometrics is not a perfect answer to protecting data or computer. Fingerprint is easy to falsify. Need a bit of time and slightly more effort.

    I don't think that 2 way authentication have any reasonable use for home PC. PINs are easy to crack, weak passwords are equally trivial. Fingerprint offers some relative protection, but for skilled thief it's nothing. I agree with voices that W7 really is/was last worthwhile OS from Macrocost. Efficient OS like XP or W2000 are not coming back. Also W8 and 10 interface looks like result of art competition from primary school. Everywhere only bling, bling, Tw****r integration, Face**** integration. Only what is lacking is GPS location beacon to monitor user 24/7. Bloody permanent surveillance.

    W11 will require sample of blood, shoes size, ****/tits size, number of children and proving your descent for 5 generations back. just to log-in... it's coming big time.
  17. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,274

    Writing down passwords and PIN's is a good idea. I wrote the PIN of my banks ATM card on the card itself and people tell me it's not a good idea, I can't understand why :D
  18. TheBigFatClown

    TheBigFatClown TS Guru Posts: 684   +254

    "Nary a day goes by that we don’t hear about a new security breach in which million of credit cards or passwords are stolen."

    It's called the real world. Nary a day goes by in life that lots of things don't go wrong. Nary a day goes by that millions of things don't go wrong. But there has to be a line drawn in the sand somewhere. Everything requires balance. This should completely be a choice. If it's a choice, its fine. If it's forced on us like Metro was, it isn't fine.
  19. captaincranky

    captaincranky TechSpot Addict Posts: 13,025   +2,557

    Depends on how often you use it. I use my debit card 90% of the time in lieu of cash, and my PIN is fairly indelible by now. If I forget the PIN now, or at any time in the future, I might as well come to grips with my progressive state of Alzheimer's, and find someone to rob me blind through power of attorney.

    Seriously though, as long as you don't write your PIN on your forehead, you should be OK. Should you decide painting it on your face is the way to go, just make sure you write it backwards so you'll be only one who can read it....(y) (using a mirror).
    Skidmarksdeluxe likes this.
  20. captaincranky

    captaincranky TechSpot Addict Posts: 13,025   +2,557

    Meh, I'm pretty sure I'll still be using Windows 7, so basically I won't be giving a rat's a**, even if requires a rectal exam to log on.
  21. dividebyzero

    dividebyzero trainee n00b Posts: 4,891   +1,264

    I write a four digit number on the back of my debit cards also - the only difference in our cases might be that the four digits don't actually correspond to the PIN number. I figure anyone who finds or lifts my wallet will give the number at least two attempts which cuts down their chances of hitting the jackpot.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...