I think Microsoft should make people log in with their password once a month.


 Share

Recommended Posts

I think Microsoft should really ask a user for their windows / Microsoft account password once a month to log in. It goes something like this. They sign the user up for a Microsoft account, then they also create an account pin, then proceed to never ask the user for their Microsoft account password again.

 

When the time comes around when they need it, I ask them to enter it and they enter 4 numbers. When I tell them no, that's your pin, what's your password they have zero idea.

 

It should work just like an iPhone. upon restart you can't use your finger print until you authenticate with your pin. You shouldn't be able to use your pin unless you authenticate with your password. Because most people I help always never know their password.

Link to comment
Share on other sites

  • +warwagon changed the title to I think Microsoft should make people log in with their password once a month.

I think that's a very quick way to reusing poor passwords and keeping sticky notes.

 

It makes much more sense for people to install Microsoft Authenticator and use it for authentication.

 

Link to comment
Share on other sites

On 17/09/2021 at 14:42, Joe User said:

I think that's a very quick way to reusing poor passwords and keeping sticky notes.

 

It makes much more sense for people to install Microsoft Authenticator and use it for authentication.

 

That's even worse, I have such LOW faith in the average user. How do they recover if they loose their phone with the authenticator? They are probably too stupid to backup the backup codes. Had someone last week save her Quicken backups to her desktop on her computer. I asked her if she has ever saved them to a flash drive she said no, she just backs them up to her computer.

 

It's also funny when I have to help them get in. They just think they can magically type in a different password and it will work.  Or, that I can magically just reset their password. I'm like uh no, only if your recovery options are in order. Essentially they think I can just hack their account and change their password.

Link to comment
Share on other sites

On 17/09/2021 at 14:43, warwagon said:

That's even worse, I have such LOW faith in the average user. How do they recover if they loose their phone with the authenticator? They are probably too stupid to backup the backup codes. Had someone last week save her Quicken backups to her desktop on her computer. I asked her if she has ever saved them to a flash drive she said no, she just backs them up to her computer.

 

It's also funny when I have to help them get in. They just think they can magically type in a different password and it will work.  Or, that I can magically just reset their password. I'm like uh no, only if your recovery options are in order. Essentially they think I can just hack their account and change their password.

If they lose their phone, they recover with the computer or email. If they lose their computer, they recover with the phone or email or sms. If they lose everything, their password is the least of their worries. 

 

There comes a point where you can't make it any easier for them without sacrificing security. Requiring that they pull out an infrequently used password every 30 days isn't a solution to making them remember that password, it's just going to make them write it on a sticky note.

 

 

Link to comment
Share on other sites

I no longer have a password on my account so it'd be difficult to type it in.

Link to comment
Share on other sites

  • 2 weeks later...

Although the thing I don't like about MS Authenticator is that I have to select the number.

Why?

I already need my thumbprint.

 

While I'm not a huge fan, this is one area Google have right.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.