New
#70
You are misinterpreting what that functionality is for. It is not a security function but simply to help people who have forgotten their local password to relogin. Point is that it is meant to be simple.
Anybody wanting to get round password can reset it using a number of techniques well publicised on web.
If you want more secure answers to questions, you can always answer the questions in some code e.g. put name in reverse e.g. ECIDNECILS or move along one letter e.g. IBM becomes HAL (2001 HAL was descibed as being one step beyond IBM), add year you were born e.g. DAVE1996 etc.
No I'm not misinterpreting it. It is a security function. Helps identifying ME and thus keeping my password safe (security).
My point in the post was that it is ridiculous having a few alternatives in a drop down. Answering the questions with something that does not directly correspond to the question is not a good way to work around this.
Totally stupid feature as is right now.
I totally disagree with you. It was introduced precisely as a means to help users a couple of builds back who have forgotten their passwords. This type of security question is commonly used on web to reset passwords. Make it too difficult and people will forget the answers to the questions making it a useless tool.
The reality is most people use less secure passwords anyway for local passwords as they are not forced into the MS account rigidity.
Of course, it will probably not help much if your siblings answer the questions but do you know the answers to the questions even for your workmates etc.? For majority of users, the level of security is adequate for casual strangers trying to get access. If it is your own family/friemds, then you have much bigger trust issues.
You could enter a complete random set of letters and nobody could ever answer them, and then it would be no different really, or you could just enter same hint that is curently used in FCU 3 times. The system is only as secure or insecure as you choose to make it.
NOTHING will stop a determined hacker bypassing a local password.
As I said earlier, I know a lot of people who can not answer most if any of the default questions. There is no way to skip these questions or at least put some personalized questions. One totally unneeded step during setup. What would be the purpose of answering "red" when the question is "how old is your oldest cousin"?
Speaking of security. What is the purpose of a pin number login? MS says "make your computer more secure by using a PIN" WTF? My 20 character PSWD with the full numerical, alphanumerical and symbol characters at my disposal is many times more secure than any 4-6 number PIN.
This build 17110 still have the same problem as 17107 sleep/wake.
Seems to work fine until the computer goes to sleep, at waking up it crashes or shutdown.