Microsoft has detailed its Windows 8 Picture Password protection, insisting that it's as secure as traditional numbers-and-letters input.
BUILD conference, Microsoft took an auditorium of developers on a deep dive
into the upcoming Windows 8. Among the features revealed in passing was a
rather unique way of safeguarding the operating system from unauthorized users:
a "Picture Password" that required touching parts of an image in order to move
past the initial lock screen.
is revealing more details about the "Picture Password" sign-in. First, users
will choose a personal image; then, a series of gestures (tap, lines, and
circles) to "unlock" the Windows 8 interface. That relatively simple process
required a good deal of thought on the part of Microsoft's engineers, who
needed to solve problems such as how much margin of error they'd allow users'
"We take a
look at the difference between each gesture and decide whether to authenticate
you based on the amount of error in a set," Zach Pace, a program manager for
Microsoft's You Centered Experience team, wrote in a Dec. 16 posting on the Building Windows 8
blog. "When the types,
ordering, and directionality are all correct, we take a look at how far off
each gesture was from the ones we've seen before, and decide if it's close
enough to authenticate you."
He also argued
that drawing on an image offers security on par with entering numbers and
letters into a keypad. Taps, lines and circles on a set grid can translate into
billions of possible gesture sets. Moreover, Microsoft is baking additional
security measures into Picture Password.
enter your picture password incorrectly 5 times, you are prevented from using
the feature again until you sign in with your plain text password," he wrote.
"Also, picture password is disabled in remote and network scenarios, preventing
network attacks against the feature."
potential thieves would have trouble guessing your Picture Password based on
telltale smudges on a screen. "Because the order of gestures, their direction
and location all matter," he added, "it makes the prospect of guessing the
correct gesture set based on smudging very difficult even in the completely
clean screen case, let alone on a screen that sees regular touch use."
revealed several aspects of Windows 8 of late. Earlier in December, it unveiled
Windows Store, its long-anticipated applications storefront for the operating
In the battle
against Apple's App Store, Microsoft is likely banking on Windows 8 attracting
a broad audience of both consumers and business users, which in turn would
generate a significant market for everything from games to enterprise
applications. Businesses are a key audience for Microsoft products, and thus a
target of the company's earliest communications regarding its new storefront.
announced that the Windows 8 beta will arrive in February. Unlike previous
versions of the operating system with their desktop-style interface, the
operating system's start screen centers on a set of colorful, touchable tiles
linked to applications-the better to port it onto tablets and other
touch-centric form-factors. The final version is reportedly due later in 2012.
Follow Nicholas Kolakowski on Twitter