Windows Picture Passwords - are they really as "easily crackable" as everyone's saying?

  • 13 September 2013
  • 1 reply
  • 858 views

Userlevel 7
Badge +54
If you've used Windows 8, or even just seen the ads for it, you'll know it has a feature called Picture Passwords.
You choose a picture, any picture, and then "annotate" it with three finger movements: you can tap a point, draw a stroke, or sweep a circle.
The picture helps you to remember where you made the gestures, so you can repeat them reliably enough to pass the test and unlock your device.
If you have a touch screen tablet, Picture Passwords are surprisingly handy. (Pun intended.)
But how safe are they?

One of the ads I've seen for Windows 8 made a pretty big deal out of the coolness of Picture Passwords, and illustrated their convenience with a login sequence to which my immediate reaction was, "Surely not?"
The ad showed a picture of someone's two young daughters, heads close together and looking at some distant object; the password involved circling their heads and then drawing a line in the direction they were looking.
That struck me as far, far too easily guessed; a bit like an ad showing someone choosing the keyboard password SECRET and implying that would be good enough.
 
Full Article

1 reply

Userlevel 7
It's true - this kind of password is weak. Easily guessed or not, the finger residue pattern left on the screen is usually a giveaway.

Reply