+Warwagon MVC Posted September 17, 2021 MVC Share Posted September 17, 2021 I think Microsoft should really ask a user for their windows / Microsoft account password once a month to log in. It goes something like this. They sign the user up for a Microsoft account, then they also create an account pin, then proceed to never ask the user for their Microsoft account password again. When the time comes around when they need it, I ask them to enter it and they enter 4 numbers. When I tell them no, that's your pin, what's your password they have zero idea. It should work just like an iPhone. upon restart you can't use your finger print until you authenticate with your pin. You shouldn't be able to use your pin unless you authenticate with your password. Because most people I help always never know their password. Link to comment Share on other sites More sharing options...
Joe User Posted September 17, 2021 Share Posted September 17, 2021 I think that's a very quick way to reusing poor passwords and keeping sticky notes. It makes much more sense for people to install Microsoft Authenticator and use it for authentication. Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted September 17, 2021 Author MVC Share Posted September 17, 2021 On 17/09/2021 at 14:42, Joe User said: I think that's a very quick way to reusing poor passwords and keeping sticky notes. It makes much more sense for people to install Microsoft Authenticator and use it for authentication. That's even worse, I have such LOW faith in the average user. How do they recover if they loose their phone with the authenticator? They are probably too stupid to backup the backup codes. Had someone last week save her Quicken backups to her desktop on her computer. I asked her if she has ever saved them to a flash drive she said no, she just backs them up to her computer. It's also funny when I have to help them get in. They just think they can magically type in a different password and it will work. Or, that I can magically just reset their password. I'm like uh no, only if your recovery options are in order. Essentially they think I can just hack their account and change their password. Link to comment Share on other sites More sharing options...
Joe User Posted September 17, 2021 Share Posted September 17, 2021 On 17/09/2021 at 14:43, warwagon said: That's even worse, I have such LOW faith in the average user. How do they recover if they loose their phone with the authenticator? They are probably too stupid to backup the backup codes. Had someone last week save her Quicken backups to her desktop on her computer. I asked her if she has ever saved them to a flash drive she said no, she just backs them up to her computer. It's also funny when I have to help them get in. They just think they can magically type in a different password and it will work. Or, that I can magically just reset their password. I'm like uh no, only if your recovery options are in order. Essentially they think I can just hack their account and change their password. If they lose their phone, they recover with the computer or email. If they lose their computer, they recover with the phone or email or sms. If they lose everything, their password is the least of their worries. There comes a point where you can't make it any easier for them without sacrificing security. Requiring that they pull out an infrequently used password every 30 days isn't a solution to making them remember that password, it's just going to make them write it on a sticky note. Link to comment Share on other sites More sharing options...
+chaos mage Subscriber² Posted September 17, 2021 Subscriber² Share Posted September 17, 2021 I no longer have a password on my account so it'd be difficult to type it in. Link to comment Share on other sites More sharing options...
Sir Topham Hatt Posted September 27, 2021 Share Posted September 27, 2021 Although the thing I don't like about MS Authenticator is that I have to select the number. Why? I already need my thumbprint. While I'm not a huge fan, this is one area Google have right. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now