Microsoft is abandoning passwords for two-factor authentication in the Longhorn timeframe.

For those unfamiliar with two-factor authentication, a little background: Passwords authenticate based on what a user knows. As Bruce Schneier notes below, the problem is that knowledge is easily shared or misappropriated. Multifactor authentication attempts to make the authentication process more reliable by combining what a user knows with something more tangible - something a user physically has.

For example, many of you may have an RSA SecurID token that you need to log in to your corporate network. This is a constantly-changing, one-time-use key that you have to use in combination with the password. Other examples of the "has" factor would be USB dongles and fingerprint readers.

If someone steals your token, they still need to know the password, and vice versa. The more factors you introduce into the authentication process, the more reliable it becomes. (I'm sure you've all seen the example in spy movies where they need an ID card, a PIN, a retina scan, and a fingerprint scan.)
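To make the "knows" plus "has" combination concrete, here is an added example (not code from the original post, and not RSA's proprietary SecurID algorithm) of how a server verifies both factors: a salted password hash for what the user knows, and a time-based one-time code (RFC 4226 HOTP / RFC 6238 TOTP) for the secret held inside a token the user has. The token secret is the published RFC 4226 test value so the codes are checkable; the `Authenticator` class, its method names and the one-step clock-skew window are assumptions for illustration.

```python
import hashlib
import hmac
import os
import struct
import time
from typing import Optional, Tuple

# Shared secret provisioned into the "something you have" token. This is the
# published RFC 4226 test secret, used here only so the codes are checkable;
# a real deployment generates a random per-user secret.
TOKEN_SECRET = b"12345678901234567890"
STEP_SECONDS = 30
DIGITS = 6


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at: int, step: int = STEP_SECONDS) -> str:
    """RFC 6238 TOTP: HOTP whose counter is the number of elapsed time-steps."""
    return hotp(secret, at // step)


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Salted scrypt hash of the 'something you know' factor."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=2 ** 14, r=8, p=1)
    return salt, digest


class Authenticator:
    """Two-factor login: stored password hash plus a per-user token secret.
    The highest time-step already accepted is remembered so a captured
    one-time code cannot be replayed inside the clock-skew window."""

    def __init__(self, password: str, token_secret: bytes):
        self.salt, self.pw_hash = hash_password(password)
        self.token_secret = token_secret
        self.last_step_used = -1

    def check_password(self, password: str) -> bool:
        _, candidate = hash_password(password, self.salt)
        return hmac.compare_digest(candidate, self.pw_hash)

    def match_code(self, code: str, now: int, skew_steps: int = 1) -> Optional[int]:
        """Return the time-step the code matches, or None. Tolerates +/- skew_steps
        of clock drift but never a step at or below the last one consumed."""
        current = now // STEP_SECONDS
        for step in range(current - skew_steps, current + skew_steps + 1):
            if step <= self.last_step_used:
                continue
            if hmac.compare_digest(hotp(self.token_secret, step), code):
                return step
        return None

    def login(self, password: str, code: str, now: Optional[int] = None) -> bool:
        now = int(time.time()) if now is None else now
        # Evaluate both factors before deciding, so the response does not say
        # which one was wrong; the code is consumed only on a full success.
        pw_ok = self.check_password(password)
        step = self.match_code(code, now)
        if pw_ok and step is not None:
            self.last_step_used = step
            return True
        return False


if __name__ == "__main__":
    auth = Authenticator("correct horse battery staple", TOKEN_SECRET)
    code = totp(TOKEN_SECRET, 59)
    print(auth.login("correct horse battery staple", code, now=59))  # True
    print(auth.login("correct horse battery staple", code, now=60))  # False: code already used
```

Stealing the token secret alone yields valid codes but not the password; stealing the password alone fails the code check. The replay bookkeeping matters because a one-time code is only "one-time" if the server refuses it a second time within the skew window.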

Security maven Bruce Schneier says two-factor "solves the security problems we had ten years ago, not the security problems we have today".

Unfortunately, the nature of attacks has changed over those two decades. Back then, the threats were all passive: eavesdropping and offline password guessing. Today, the threats are more active: phishing and Trojan horses.

There is no doubt this will improve the authentication process, but authentication is just a small piece in the security puzzle.

See also: Why Default Passwords are a Bad Idea.
