Tuesday, May 6, 2025

Microsoft to end passwords for Windows

Well, Windows for consumers, at least:

The software giant announced the move Thursday, May 1, traditionally known as "World Password Day," with a declaration it had joined forces with the Fast Identity Online (FIDO) Alliance to re-name the pseudo-holiday "World Passkey Day."

Redmond’s not just playing with words as the Windows giant has also decided that all new Microsoft accounts will use passkeys by default. Passkeys, which involve the use of biometric identification like a fingerprint or face scan, PIN, and the like, will be the de facto new way to set up an account, and existing Microsoft users are being encouraged to visit their account settings page to delete their passwords and start using passkeys.

(Think of passkeys as a replacement of passwords.)

I'm of two minds here.  On the upside, passwords are generally an infinitely renewable source of insecurity.  This has been known for decades:


On the downside, there is one negative that can simply never be fixed: you cannot change your biometrics if they are somehow compromised.  You cannot revoke a fingerprint and issue a new one.

My take: hold off on this one.  Certainly Microsoft's commercial customers will never go here - password rotation is specifically required by essentially all industry security mandates (ISO 27000, SOC2, etc).

Color me unconvinced.  I'm not sure exactly what motivated Microsoft to do this.

13 comments:

Matthew W said...

If MS requires me to do biometric, I will become a LINUX user...........

Eck! said...

MS and their silliness... I jumped ship with the NT4 EOL fiasco and went Linux. I'd held off up to then based on the probable pain of an OS switch, but after a year it all came together and far cheaper (mostly free).

I had to suffer Win10 at work and that would not do what I needed, so the retired machine ("not upgradeable") was put to work running Linux (Mint 16). The funny moment was Calc (LibreOffice) running two instances on two old screens for antenna modeling. Boss saw that and asked how? Answer was this is not that, pointing to the Win10 box, it's Linux. The Win10 box was upgraded... to Linux.

Eck!

Borepatch said...

Matthew and Eck! I strongly recommend Linux, although there are still a few things that don't work cleanly. But not many. Surprisingly, Microsoft's move to embed Linux has helped a lot there, as has SteamOS.

Beans said...

The nasty truth is that biometrics do change, sometimes rapidly. Cataracts affect eyes, skin damage affects fingerprints.

Even DNA can be iffy. If the system is simple enough for a quick check, that means the system is only sampling a minimal number of markers. Which can be unreliable. Especially since systems need to be calibrated.

Linux here I come.

HMS Defiant said...

I believe I will skip their offer.

Old NFO said...

Glad I'm off them, since my fingerprints suck... I basically can't pass ANY fingerprint checks.

matism said...

I already intend to dump Gates when Windows 10 expires.
My primary OS has been Linux for many years now, but some programs I occasionally use only run on Gates.

McChuck said...

Microsoft once again proving that every decision they make is the wrong one. It's like the company management culture is set to "evil" or something.

Eagle said...

They just want to capture everyone's biometrics so they can more effectively steal your information. And so they can more effectively make you a "non-person" if you speak ill of the MCP (think "Tron").

Kurt said...

It's worse than that for businesses - not only can you not revoke biometrics, if you seek to use alternate means (YubiKeys, et al), you run into huge problems with lost/broken items and the managing thereof.

Eck! said...

I still have an old 486 (really) system used for non-network work and Ubuntu 6.04 still cranking. Unlike winders, if the hardware isn't broken it runs, where winders itself was known for just croaking for no good reason. Back when there were 50 users with Win95c, at least once a month one would up and puke.

I avoid winders, period. Makes my life easier.

Eck!

Richard said...

I recently interacted with a nurse who had worn off her fingerprints by thousands of exposures to caustic chemicals over a career as a surgical nurse.

The Lab Manager said...

This is a purposeful blow to internet privacy and why these corporate behemoths need to be demolished. How soon will someone be outed for using, you know, the n word or whatever on a site.

While passwords are a weak point, this is downright invasive, but most Americans are too stupid for freedom or the Bill of Rights. The rest of us have to be dragged into this stupidity.