What’s so bad about Windows 8 Picture Password?

The jury is still out on Windows 8.

I mean, from what I see from countless youtubes out there, there are those who like it, and those who wished it would completely die a slow and horrible death. On the whole, almost everyone agreed there would be a learning curve involved even for the experienced users. For those who are like my dad, who is still mastering the art of mouse usage, using windows 8 would be as easy to understand as interpreting Mesopotamian hieroglyphs.

However, there is an interesting feature in Windows 8 called the Picture Password. You can google it and see how it works. Basically, you choose a picture then do a sequence of gestures on it as your password. Gestures are limited to circles, lines and taps. Taps means what it is. Tap. So if I had my dog’s picture there, I could draw glasses on him, put a smiley on his snout and tap his cute little nose.

Obviously in IT security circle, it has been bashed to bits. The inventor of RSA SecurID token, Kenneth Weiss took the concept into centre court and smashed it into tiny bits with a sledgehammer. And then ran a lawn mower over it. Before feeding it to a pool filled with piranhas.

To be honest, I thought it was a wee bit over-reactive from a guy who didn’t have a great track record himself of late. I mean, it wasn’t cool. You are obviously a genius, Kenneth. To label Windows’ attempt at authentication a “Fisher Price Toy” is like me looking at my son’s attempt at writing his name and smacking him in the head because he can’t write in a straight line. My son is 5 months old. It’s unwarranted, and in some ways, makes him look like a petty old man who knows his time in this world is over and can’t stand the sight of new, and obviously inferior ideas overtaking his.

First of, is the picture password revolutionary? Of course not. Android has already adopted gestures as authentication, and probably the pilgrims did it as a way of communicating with the natives when they landed on the Plymouth Rock in 1620. Is it secure? Of course not. Not anymore than typed passwords are. Is it fun and interesting? Depending. Microsoft is hoping it is.

You see, this was never meant to take over secure authentication. It’s just a means to get to your desktop. Yes, you can definitely see the gestures from far away, or through whatever ‘smudges’, taking into account most computer users probably eat fried calamari and then proceed to touch their screens after. Or that it’s so guessable, than most people would draw a spectacles, smiley face, beard, moustache on a picture anyway? But so what? Is it anything better or worse than having a password called ‘password123’ or ‘iloveyou’ or ‘Jesus’? It doesn’t detract or add anything to what we are already doing, except that using gestures is a whole lot more organic than typing on the keyboard.

The only plus thing is that Microsoft seems to understand the future of Human computer interaction lies in this organic movements. In 5 years, the use of mouse and keyboard will be replaced by gestures. In the future, interacting with computers will not be limited to screens or physical hardware, but by probably holograms placed all across the home, all smart devices interacting with each other. This is a future reality, and Microsoft seems to be gearing up for it. Whether they succeed or not, that’s another question. The competitive landscape has changed a lot since the days when Microsoft would be the king of the playground and smash kids like Netscape into smithereens. There’s still a few more years before we know if Microsoft rightfully belongs in this new landscape of Google, Facebook, Apple or Angry Birds.

Until then, while they might be a tech giant, Microsoft is a runt in the new tech landscape where consumer coolness is key and Apple is still the benchmark. So let’s give them an A for effort, although the idea is pretty stale.

And as for the Father of RSA SecurID, don’t punch the new kid in the face for having a nice looking cover over the same old school bag that everyone is using. Give the guys at Redmond a chance and they might spring a surprise for us consumers.

And I don’t mean a bad surprise like their Blue Screen of Death.

 

 

Leave a Reply