One of Windows 8's biggest new features, the ability to use a photo as a touch-based authentication method for login, has been described as a "Fisher-Price toy" by the creator of the RSA SecureID two-factor authentication token.
Speaking to IT World, Kenneth Weiss, formerly of RSA and now the head of a three-factor authentication firm called Universal Secure Registry, is scathing of Microsoft's touch-centric login system, which asks users to press key points in a photograph in a particular order to log in to a device.
"I think it's cute. I don't think it's serious security," Weiss explains. "It's more like a Fisher-Price toy than a serious choice for secure computer access."
Weiss's concerns are somewhat allayed by Microsoft's positioning of the picture-based login system as an alternative, rather than a replacement, to the traditional password-based method, with a focus on touch-screen portable devices like tablets and smartphones where speed of access is a concern.
With Windows 8 targeting tablets in a big way, via the new touch-centric Metro UI design and its focus on web-powered apps, the photo unlock method is a neat feature - but, as Weiss points out, may be a poor choice from a security perspective.