|
|
I found myself (in the old days) putting periods at the end of
COBOL comments... but that was OK.
|
|
|
|
|
Hi,
The company I work for has changed to using a secure pin over passwords as part of the Windows Hello routine.
I for one think PIN over Password is dodgy, no longer can I use B008IeS! as a password (I didn't but shipped something where I forgot to change it, whole other story!). View from the informed is this to make smart phone users happy (I am using a proper PC with a Proper Keyboard) or something else??
Glenn
|
|
|
|
|
Good news: just under where you enter the PIN there is an option to enter a password or a PIN.
|
|
|
|
|
Yes, but the change came some time ago.
|
|
|
|
|
Have they just changed the log on procedure at all or just give the password a new set of clothes?
|
|
|
|
|
It's just an extra option which makes it slightly easier to login. I'm sure I've been using it for more than a year.
|
|
|
|
|
"It's just an extra option which makes it slightly easier to hack. I'm sure I've been using it for more than a year."
FTFY.
</cynicmode>
|
|
|
|
|
Given that the PC never leaves the house, who is going to hack it?
|
|
|
|
|
|
|
I will not entertain agents of Satan.
|
|
|
|
|
Now you really pissed off the cats. They will be paying a visit…soon!
modified 13-Apr-23 19:39pm.
|
|
|
|
|
My son already has one that hates me.
|
|
|
|
|
Richard MacCutchan wrote: Given that the PC never leaves the house, who is going to hack it?
Clearly you've never been burgled.
|
|
|
|
|
|
Not at all.
But I think you might be a little more worried knowing a thief could take your PC back home and start trying to guess a 4-digit pin at a leisurely pace.
|
|
|
|
|
Well even if he did, there is nothing in there that he would find useful.
|
|
|
|
|
I see, not worried because you have nothing to hide.
Carry on your merry way, citizen!
|
|
|
|
|
If you insist on carrying the computer around the house to random places it does make it easier to walk off with it.
Now mine is locked to my desk. So they are going to need to do some sawing through metal to get to it. Does slow down the get in get out quick case.
|
|
|
|
|
Win 10 started nagging me to switch to pin over pwd quite some time ago. They gave some whodeewhatsis about it somehow being more secure. My thought was, "How is 4 digits more secure than my much longer alphanumeric pwd?" But, then I discovered that I could set my pin to alphanumeric characters and more than 4. So I did. When I login now it shows a box to enter my PIN and I enter my longer alphanumeric value and I'm in.
So, I don't know if by using alphas when I set the PIN it just silently fell back to pwd or if I really am using their fancy new pin. It stopped nagging me so I stopped caring. To me it just looks and acts like a password.
To be honest, in my case I don't think it matters. My copy of windows is a virtualbox vm which is only started once or twice a week if and when I need it and closed when I'm done.
|
|
|
|
|
The pin is more secure because it's tied to your device, while your password isn't.
In other words, when hackers steal your password, they can break in to your Microsoft account, email, all your logged in devices, etc.
When they steal your pin they can only enter your PC (and then probably everything else by extension)
|
|
|
|
|
Ah, thank you. Tying it to a specific device makes sense. I'm sure that was explained to me when the switch to using a PIN was offered. I'd just forgotten.
|
|
|
|
|
Thanks for that reminder. I had forgotten MS's "explanation" for the PIN being somehow "more secure".
And it really isn't; in fact the bar is seriously lowered. Anyone looking over my shoulder could probably make a pretty good guess as to what my PIN is - not so with my password. Once logged in, I can access an awful lot of my data without ever being prompted for anything else.
Being tied to the device doesn't prevent anyone from using it where it is, unless MS thinks I'm going to start paying armed guards to stand at my door.
|
|
|
|
|
I'm not getting it.
If I select the same PIN for all my devices, it is not unique for any of them. If I select different PINs for each device, they are 'unique' for each device. (How many devices exist? Divide the number by 10000 to see how many devices, on the average, share that 'unique' PIN!)
If I select the same password for all my devices, it is not unique for any of them. If I select different passwords for each device, they are unique for each device.
Some years ago, there was a web page publishing all the PIN codes in the world (4-digit). Your PIN code is publicly known!
Being somewhat more serious: A brute force attack against a 4-digit PIN hardly requires any brutality or force! I've met people who use a 3-5 char password, and argue along the lines 'But inside the computer, a perfectly safe RSA 2048 key is used!' A little knowledge is a dangerous thing!
|
|
|
|