Windows 8’s Picture Password Is Totally Hackable

The new Picture Password feature was officially released in October, together with the new Windows 8 operating system, and has been described as a new, innovative and a lot more secure way to protect your touchscreen device.

But Naven Jones of Uncoveror.com has found a way to quickly hack any Windows 8 computer using the Picture Password. And it’s not rocket science to do it.

Basically, it’s all possible because of the finger trails that remain on a touchscreen device after you unlock it using your Picture Password. Whenever someone shines some light on a darkened touchscreen, the finger trails are clearly revealed and in some cases, it could even help them figure out the Picture Password.

“Our skin is constantly producing oils. When we touch things, those oils rub off. Fingerprints have been a way to catch criminals since it was first discovered that each of us has a unique pattern. Finger trails are the vulnerability in picture passwords. You will leave them when you make finger gestures on a touch screen,” Jones writes.

Of course, getting inside a Windows 8 touchscreen device that uses Picture Password requires the “attacker” to have physical access to this computer. So cleaning the screen after using a tablet, for example, could provide the best protection for any device using Microsoft’s new Picture Password.

Here’s what Microsoft says about the Picture Password feature bundled into Windows 8:

“You can use a picture password in Windows 8 and Windows RT, so that even signing in to your PC is more personal. Because you choose the picture and the shapes you draw on it, the combinations are infinite—a picture password is actually more secure from hackers than a traditional password. You can draw a picture password directly on a touchscreen with your finger, or you can use a mouse to draw your shapes.”

With all these being said, here’s one of the official commercials released by Microsoft for the Picture Password option integrated into its new OS: