Windows 8 Picture/PIN password glitch discovered
- 04 October, 2012 11:18
A vulnerability with the preview version of Microsoft’s Windows 8 operating system (OS), where it saves a log on password in plain text and allows any user with admin rights to see the password details, has been discovered by a password security vendor.
According to a blog post by a Passcape Software administrator, Picture password and PIN are new sign-in authentication methods in the developer preview of Windows 8 which are designed to avoid the problem of forgotten passwords.
However, the blog urges users to use the authentication methods with caution because the user must first create a Windows 8 acccount with a regular password before switching to PIN or Picture password authentication.
“If a [Windows 8] account is configured for authentication using Picture password or PIN, your original plain-text password is stored in the system, and any user with the administrator privileges can gain access to it,” read the blog post.
Microsoft Australia has been contacted for a response by Computerworld Australia.
Windows 8 is set to go on sale on October 26 this month.
Follow Hamish Barwick on Twitter: @HamishBarwick
Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.
- NAB plans customer migration to NextGen platform
- A/NZ College of Anaesthetists to expand campus security monitoring
- Credit Union Australia signs Good Technology to secure 400 devices
- Taxi startup ingogo hails $3.4 million in latest funding round
- Updated: Federal Court dismisses Aust Post trade mark appeal
Amazon drones are 'fantasy,' says eBay CEO
Training critical to Australia tapping broadband potential: CSIRO
US faces major Internet image problem, former gov't official says
Why CIOs stick with cloud computing despite NSA snooping scandal
Telstra hits 300 Mbps in LTE-A trial