Coffeehouse Post

View Thread: Windows ID and Hackers
    We can debate incorporating Live ID into Windows, but I'm not sure it's that relevant. Yes, it's yet another escalation, but the simple fact is, we've already escalated beyond the point of our ability to be secure. Most of our information is moving online. This has meant the need to secure hundreds, if not thousands, of sites for most people. Dealing with that many passwords is simply not possible, so people looked for other solutions. The easiest thing to do is reuse your password everywhere and to "daisy chain" services, both of which lead to very bad security vulnerabilities. The next thing we've done is "single sign-on" solutions, which are only marginally more secure, and due to daisy chaining most people are still left very vulnerable.

    Two-factor authentication is a very simple way to make all of this more secure again. Heck, with two-factor authentication you don't even have to store the password (one of the factors) anywhere, ever, totally eliminating one attack vector. The only problem is that using two-factor authentication techniques is cumbersome for end users at the moment. So much so that most won't use it. What I'm pointing out is that that is a problem that's not difficult to solve... we just need an easy way to provide the second factor (Bluetooth, NFC, USB, WiFi, etc.) rather than transcribing a code via the keyboard. With OS and software support you can make it even easier... never prompting the user again after they've logged on once.