Entering text on a tablet PC without physical keyboard can be a frustrating experience. Especially so if you need to enter characters that are not displayed by default. One of the situations where this may be encountered is during sign in on the system. If you are using special characters in your account password, you may feel that it is very frustrating to enter it whenever you need to work with the tablet.
And while it is certainly possible to configure automatic log ons if you are working on a single-user system, it is not always possible or advisable to configure the system to load a user account without password.
Microsoft's upcoming operating system Windows 8 will therefor provide users with the option to switch from password strings to picture passwords.
How to picture passwords work? They basically consist of a single picture and set of gestures. Supported by Microsoft's picture password implementation are gestures that point at a location, connect areas or highlight passes. These gestures have been mapped to the tap, line drawing and circle functionality of touch based devices.
Windows in addition remembers the drawing direction of circles and lines.
Tests revealed to Microsoft that tablet users were able to sign in in about four seconds using picture passwords, whereas it took up to 30 seconds or more to sign in with the tablet's onscreen keyboard.
The technology behind picture passwords is not as complex as it looks like on first glance. Microsoft uses coordinates and a scoring function to determine if a spot matches one of the picture password's reference points. Users do not have to hit the spot right on, it is sufficient to hit near that spot to trigger a positive response.
Security is another aspect to consider. Microsoft compared standard character based passwords to gesture based passwords. The conclusion was that taps were always more secure than entering the same number of plain text characters during login.
Microsoft's conclusion was that a three gestures are sufficient when it comes to security. Three gestures beat a complex five character set password and a simple a-z six character set password.
Safeguards have been implemented to make repeated attacks less effective. Windows 8 will automatically switch to plain text passwords after five failed attempts to sign in with a picture password. In addition, picture passwords have been disabled in remote and network scenarios to prevent network attacks using the feature.
Picture passwords, according to Microsoft, are also more robust when it comes to determining the password from smudges left by a user who entered the password.
Here is a video demonstrating the functionality.
Picture passwords can definitely improve the sign in time of tablet users who do not have access to a physical keyboard. It remains to be seen though if the system is as secure as Microsoft claims it is. System and domain administrators can disable the picture password functionality in the group policy.
What's your take on picture passwords?
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.