With Windows 8 and its increased support for tablet/touch-based devices, we now have the option to use a new authentication mechanism: Windows 8 picture password.
If you’ve got a good, strong password (as a systems administrator, you certainly should!), you have probably noticed that it takes you considerably longer to log in on a tablet device than it would to do so on a regular PC. Microsoft has aimed to give us a “fast and fluid” way of logging into our devices with the new picture password login in Windows 8.
Two elements are involved with the picture password login. The first is a picture selected by the user; Microsoft intentionally hasn’t provided a selection of images for this, as selecting your own picture increases both security and memorability of the picture password. The second element is a set of “gestures” that the user makes on or around the selected image. These gestures can be a combination of circles, lines, and taps. The circle and line gestures also offer an additional layer of security, as the direction of these gestures must be correct in order to successfully authenticate.
To create a picture password for your account, select “settings” from the charms bar. You can get to the charms bar by pointing to one of the right corners of the display.
Windows 8 charms bar – More PC settings
On the settings panel to the right, select “More PC settings.” This will take you to the new Metro control panel app. When the app starts, select “Users” from the list on the left of the screen. You should then see various options related to your user account. About halfway down these options on the right, you will see a button labelled “Create a picture password.” Click this button to start the picture password wizard.
Windows 8 PC settings
Once the picture password wizard has started, the first thing you will need to do is select a picture to use. I would recommend a photo of decent resolution. For my example, I used the 4sysops logo; however, Windows scaled it up to fit the screen, so it ended up looking quite pixelated. You’ll notice the new Metro-based file browser is used when you are selecting your picture.
Windows 8 picture password – Choose picture
After you select your image, you will need to make 3 gestures around it. As mentioned before, these can include circles, lines, and taps. Once you have made your gestures, you will have to make them again, just so the system knows that you got it right (in the same way you always need to type a new password twice).
Windows 8 picture password – Set up your gestures
If you manage to perform the same gestures to a satisfactory accuracy the second time, Windows will save the picture password for your account. Next time you log in, you will be presented with your image to perform your gestures on. Should you forget your gestures (as I promptly did!), you can still fall back to a regular password-based login and set up your picture password again.
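A simplified model of the check described above, in which three gestures are each compared for type, position, and direction within a tolerance. This is an added example, not Microsoft's matching algorithm and not code from the original article. The 0-100 coordinate scale, the tolerance value, the in-order comparison, and all names are assumptions.

```python
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class Tap:
    x: float
    y: float

@dataclass(frozen=True)
class Line:              # drawn from (x1, y1) to (x2, y2)
    x1: float
    y1: float
    x2: float
    y2: float

@dataclass(frozen=True)
class Circle:
    cx: float
    cy: float
    r: float
    clockwise: bool      # drawing direction

TOLERANCE = 5.0          # assumed: allowed error, in % of image size

# Constructed sample enrollment: the three gestures a user registered.
ENROLLED = [Circle(30, 40, 10, True), Line(10, 80, 60, 80), Tap(75, 20)]

def _near(ax, ay, bx, by, tol):
    return math.hypot(ax - bx, ay - by) <= tol

def gesture_matches(stored, attempt, tol=TOLERANCE):
    if type(stored) is not type(attempt):
        return False     # a tap never matches a line or a circle
    if isinstance(stored, Tap):
        return _near(stored.x, stored.y, attempt.x, attempt.y, tol)
    if isinstance(stored, Line):
        # Start is compared with start and end with end, so the same
        # line drawn in the opposite direction is rejected.
        return (_near(stored.x1, stored.y1, attempt.x1, attempt.y1, tol)
                and _near(stored.x2, stored.y2, attempt.x2, attempt.y2, tol))
    return (stored.clockwise == attempt.clockwise
            and _near(stored.cx, stored.cy, attempt.cx, attempt.cy, tol)
            and abs(stored.r - attempt.r) <= tol)

def verify(stored, attempt, tol=TOLERANCE):
    """Accept only if exactly three gestures match, in order (assumed)."""
    return (len(stored) == len(attempt) == 3
            and all(gesture_matches(s, a, tol) for s, a in zip(stored, attempt)))
```

A wider tolerance makes the confirmation step easier for the user to pass, but it also accepts less exact gestures.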
While picture passwords may make logging in quicker and easier for end users, this might not be something that systems administrators like the sound of! I expect it’s easier to obtain a user’s touch gestures on an image from watching over their shoulder than it would be to do the same with a traditional password-based login. Windows 8 provides a new Group Policy setting that allows administrators to prevent users from using this feature:
Computer Configuration -> Administrative Templates -> System -> Logon -> Turn off PIN and Picture password logon