Monday, December 19th 2011
Password Security The Windows 8 Way
Windows 8 implements a radical new user interface called Metro for desktop PC's, which has so far received a mixed reception. However, there's many other changes under the hood and one of those is how password security is handled, which we look at here. It's a fact of life, that in today's modern world, we have to remember a plethora of passwords and PIN's, which can be daunting. This leads to security issues as users end up writing down passwords and/or create very insecure ones which can be easily guessed. Windows 8 aims to uphold strong password security, while at the same time, easing the burden on the user. Also, passwords can be obtained in various ways by miscreants, such as phishing, keylogging, guessing, and cracking. Windows addresses each of these problems in three main ways:
1 Protect against phishing and keylogging
Using these tools protects your computer against the kind of malware that can access your entire computer, such as viruses and trojans.
1A: Secure boot: this uses the new Unified Extensible Firmware Interface (UEFI), which replaces the ancient BIOS in modern motherboards and uses digital signing, which blocks bootkits and rootkits from attacking the system at the lowest level.
1B: SmartScreen: this warns against visiting known bad websites or running suspect applications. It builds up a picture of which are good and bad by using a reputation system.
1C: Windows Defender: previously protecting against just viruses, it has now been expanded into a full security suite, protecting against the usual suspects, such as viruses, worms, bots and rootkits.
2 Protect against guessing and cracking
Long and complex passwords do wonders for security and make system admins very happy. However, they're a nightmare for users to remember and type in - even for the admin... Windows 8 eases the task of creating, using and managing unique and complex passwords.
2A: Store accounts: centralized store for logins to various websites. This is similar in the way that web browsers store this information, except that being done in Windows, it's available to any other or application or browser that can make use of it.
2B: Sync passwords: you have 100 logins stored on your home PC, but are now using your friend's PC and can't get to them - very inconvenient. Windows 8 uses Windows Live to allow password synchronization between the two PC's - assuming the second PC is trusted.
2C: Virtual smart card: this is a software-based version of a smartcard. It uses the Trusted Platform Module found in many business PC's and some motherboards for DIY PC's and works wherever physical smart cards work
3 Protect against your own forgetfulness
Users shy away from using strong passwords, because they're likely to forget them, especially if they have many to remember. Windows 8 makes it easier to recover from a forgotten password.
3A: USB recovery: passwords are stored in an encrypted USB memory stick that can be used should a password be forgotten.
3B: Reset from another PC: you can reset your password from any PC using Windows Live.
3C: Two factor authentication: you can prove that you're the rightful owner of an account by linking it to a mobile phone or email address
ANALYSIS
These features all sound wonderful and will indeed make life much easier for the user. However, some of these features would actually appear to potentially create a large attack surface for miscreants to have a pop at. Let's take a look at them:
2A: Store accounts: so any web browser and application can use the information stored here? An application such as that virus which just got onto the PC perhaps? This is a problem, because nothing is 100% secure, regardless of how many layers of security are put in. This feature might be best left switched off. It's also best not to allow any web browser to remember logins, either.
2B: Sync passwords: this requires the second PC to be clean of infection and properly trusted. By "trust", this also means the physical security around it, such that the user isn't shoulder surfed, for example. Use with caution.
2C: Virtual smart card: the details of this would have to be looked into a little more carefully to weigh up the pros and cons of this system. One potential issue could be the versions of the TPM module on the motherboard and smartcards used, as they may not have directly equivalent features, meaning that security compromises might have to be made. The user should be made well aware of any compromises like this before being asked to use this feature.
3B: Reset from another PC: again, how secure is that other PC and the environment it's situated in? Use with caution.
As Windows 8 isn't even at the beta stage yet, firm conclusions and criticisms shouldn't be made right now. However, the issues pointed out are inherent in the feature being implemented and should therefore be monitored very carefully.
1 Protect against phishing and keylogging
Using these tools protects your computer against the kind of malware that can access your entire computer, such as viruses and trojans.
1A: Secure boot: this uses the new Unified Extensible Firmware Interface (UEFI), which replaces the ancient BIOS in modern motherboards and uses digital signing, which blocks bootkits and rootkits from attacking the system at the lowest level.
1B: SmartScreen: this warns against visiting known bad websites or running suspect applications. It builds up a picture of which are good and bad by using a reputation system.
1C: Windows Defender: previously protecting against just viruses, it has now been expanded into a full security suite, protecting against the usual suspects, such as viruses, worms, bots and rootkits.
2 Protect against guessing and cracking
Long and complex passwords do wonders for security and make system admins very happy. However, they're a nightmare for users to remember and type in - even for the admin... Windows 8 eases the task of creating, using and managing unique and complex passwords.
2A: Store accounts: centralized store for logins to various websites. This is similar in the way that web browsers store this information, except that being done in Windows, it's available to any other or application or browser that can make use of it.
2B: Sync passwords: you have 100 logins stored on your home PC, but are now using your friend's PC and can't get to them - very inconvenient. Windows 8 uses Windows Live to allow password synchronization between the two PC's - assuming the second PC is trusted.
2C: Virtual smart card: this is a software-based version of a smartcard. It uses the Trusted Platform Module found in many business PC's and some motherboards for DIY PC's and works wherever physical smart cards work
3 Protect against your own forgetfulness
Users shy away from using strong passwords, because they're likely to forget them, especially if they have many to remember. Windows 8 makes it easier to recover from a forgotten password.
3A: USB recovery: passwords are stored in an encrypted USB memory stick that can be used should a password be forgotten.
3B: Reset from another PC: you can reset your password from any PC using Windows Live.
3C: Two factor authentication: you can prove that you're the rightful owner of an account by linking it to a mobile phone or email address
ANALYSIS
These features all sound wonderful and will indeed make life much easier for the user. However, some of these features would actually appear to potentially create a large attack surface for miscreants to have a pop at. Let's take a look at them:
2A: Store accounts: so any web browser and application can use the information stored here? An application such as that virus which just got onto the PC perhaps? This is a problem, because nothing is 100% secure, regardless of how many layers of security are put in. This feature might be best left switched off. It's also best not to allow any web browser to remember logins, either.
2B: Sync passwords: this requires the second PC to be clean of infection and properly trusted. By "trust", this also means the physical security around it, such that the user isn't shoulder surfed, for example. Use with caution.
2C: Virtual smart card: the details of this would have to be looked into a little more carefully to weigh up the pros and cons of this system. One potential issue could be the versions of the TPM module on the motherboard and smartcards used, as they may not have directly equivalent features, meaning that security compromises might have to be made. The user should be made well aware of any compromises like this before being asked to use this feature.
3B: Reset from another PC: again, how secure is that other PC and the environment it's situated in? Use with caution.
As Windows 8 isn't even at the beta stage yet, firm conclusions and criticisms shouldn't be made right now. However, the issues pointed out are inherent in the feature being implemented and should therefore be monitored very carefully.