Why, in 2018, is Microsoft adding security questions to Windows 10?
-
@Dashrender said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Dashrender said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
This only occurs, that I've seen, during OOBE when you set up the PC as a local, non-domain, non-Microsoft-Account, user.
And who knows how secure those are, anyway.
I use an outlook.com MS account for most things. 2FA via app notification. I also use that for my personal PC login. So, more secure than enterprise IMO (unless you're in one that actually uses 2FA with AD if you're only talking MS shops).
Do you get a 2FA prompt when logging into the desktop? I never did.
No, but how is that less secure than a local account? They are both just a username and password, except one requires 2FA.
It's arguably less because the creds could be stolen from MS and your PC, where a local account could only be stolen from you PC. 2FA has nothing to do with that, from a logging onto the physical device at least.
My credentials aren't going to be stolen from MS... how would that even work? Credentials being stolen from the PC are no more likely than a local user account credentials being stolen from the PC. Or, maybe I will enable 2FA PC login.
-
@Dashrender said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Dashrender said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
This only occurs, that I've seen, during OOBE when you set up the PC as a local, non-domain, non-Microsoft-Account, user.
Correct, as a standard local account. The "normal" way. Most people don't use AD, even in business this is dropping off quickly. And lots of people don't want to deal with those ridiculous MS accounts that they try to ram down everyone's throats. And who knows how secure those are, anyway.
While I don't actually know specifically - I'd like to think they are at least as secure as Google's accounts are.
Maybe, but it's hard to take them seriously for account security, in the middle of discussing how they don't take account security seriously. Know what I mean?
/sigh - yeah I know...
At the same time - I totally understand why they did - as @Obsolesce just said - it's for users who can't be bothered to create the recovery USB key when they forget their password for the admin account.
That's not what it is for. If they were doing it for that reason, it would be optional. Forcing it is logically only to put local accounts at risk to further an agenda of making people feel that they must use Microsoft's data collection services to log in.
-
I never, ever answer security questions with real information.
-
@Curtis said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
I never, ever answer security questions with real information.
That's a good practice. Have your own secret code system.
-
@Curtis said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
I never, ever answer security questions with real information.
Real pros use their password as their security question answers.
-
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Curtis said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
I never, ever answer security questions with real information.
That's a good practice. Have your own secret code system.
I tried that - but promptly forgot the fake answers I gave.
-
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Curtis said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
I never, ever answer security questions with real information.
Real pros use their password as their security question answers.
LOL
along those lines - since I do have AD and I remove all local accounts from local admin - when setting up a computer I just choose the first question and the same answer for them all .
-
@Dashrender said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Curtis said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
I never, ever answer security questions with real information.
That's a good practice. Have your own secret code system.
I tried that - but promptly forgot the fake answers I gave.
More secure than ones you can look up
-
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Curtis said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
I never, ever answer security questions with real information.
That's a good practice. Have your own secret code system.
Of course Curtis has his own code system, he's from another planet.
-
@DustinB3403 said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Curtis said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
I never, ever answer security questions with real information.
That's a good practice. Have your own secret code system.
Of course Curtis has his own code system, he's from another planet.
Dude, not everyone named Curtis is THAT Curtis.
-
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@DustinB3403 said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Curtis said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
I never, ever answer security questions with real information.
That's a good practice. Have your own secret code system.
Of course Curtis has his own code system, he's from another planet.
Dude, not everyone named Curtis is THAT Curtis.
At least someone got that
-
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
This only occurs, that I've seen, during OOBE when you set up the PC as a local, non-domain, non-Microsoft-Account, user.
Correct, as a standard local account. The "normal" way. Most people don't use AD, even in business this is dropping off quickly. And lots of people don't want to deal with those ridiculous MS accounts that they try to ram down everyone's throats. And who knows how secure those are, anyway.
That is not the normal way to set up windows anymore and has not been for quite a while. The normal way to set up windows is with a Microsoft account. In fact you have to click no to setting up a Microsoft account multiple times in order to set up a PC without a Microsoft account
-
@JaredBusch said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
This only occurs, that I've seen, during OOBE when you set up the PC as a local, non-domain, non-Microsoft-Account, user.
Correct, as a standard local account. The "normal" way. Most people don't use AD, even in business this is dropping off quickly. And lots of people don't want to deal with those ridiculous MS accounts that they try to ram down everyone's throats. And who knows how secure those are, anyway.
That is not the normal way to set up windows anymore and has not been for quite a while. The normal way to set up windows is with a Microsoft account. In fact you have to click no to setting up a Microsoft account multiple times in order to set up a PC without a Microsoft account
That's what they promote, but I wonder how many people are actually doing that.
-
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@JaredBusch said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
This only occurs, that I've seen, during OOBE when you set up the PC as a local, non-domain, non-Microsoft-Account, user.
Correct, as a standard local account. The "normal" way. Most people don't use AD, even in business this is dropping off quickly. And lots of people don't want to deal with those ridiculous MS accounts that they try to ram down everyone's throats. And who knows how secure those are, anyway.
That is not the normal way to set up windows anymore and has not been for quite a while. The normal way to set up windows is with a Microsoft account. In fact you have to click no to setting up a Microsoft account multiple times in order to set up a PC without a Microsoft account
That's what they promote, but I wonder how many people are actually doing that.
Probably most that don’t use AD. Of course some will not, but not many.
-
I do it, it works really well with MS everything... Since I buy a yearly personal subscription to O365, it all "just works" with email, onedrive, etc... I don't have to do anything.
And yes, it seems the personal stuff works way better more reliably than enterprise... shrug
-
@JaredBusch said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@JaredBusch said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
This only occurs, that I've seen, during OOBE when you set up the PC as a local, non-domain, non-Microsoft-Account, user.
Correct, as a standard local account. The "normal" way. Most people don't use AD, even in business this is dropping off quickly. And lots of people don't want to deal with those ridiculous MS accounts that they try to ram down everyone's throats. And who knows how secure those are, anyway.
That is not the normal way to set up windows anymore and has not been for quite a while. The normal way to set up windows is with a Microsoft account. In fact you have to click no to setting up a Microsoft account multiple times in order to set up a PC without a Microsoft account
That's what they promote, but I wonder how many people are actually doing that.
Probably most that don’t use AD. Of course some will not, but not many.
I tend to agree - most home users will use a MS account simply because it's what's presented. IT folks and some programmers might not, but I'm willing to bet it's way over half that do.
-
@Dashrender said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@JaredBusch said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@JaredBusch said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
This only occurs, that I've seen, during OOBE when you set up the PC as a local, non-domain, non-Microsoft-Account, user.
Correct, as a standard local account. The "normal" way. Most people don't use AD, even in business this is dropping off quickly. And lots of people don't want to deal with those ridiculous MS accounts that they try to ram down everyone's throats. And who knows how secure those are, anyway.
That is not the normal way to set up windows anymore and has not been for quite a while. The normal way to set up windows is with a Microsoft account. In fact you have to click no to setting up a Microsoft account multiple times in order to set up a PC without a Microsoft account
That's what they promote, but I wonder how many people are actually doing that.
Probably most that don’t use AD. Of course some will not, but not many.
I tend to agree - most home users will use a MS account simply because it's what's presented. IT folks and some programmers might not, but I'm willing to bet it's way over half that do.
Have you seen a lot of home users doing this? I have not, of course my cross section is tiny. But of the ones I see that have zero tech skills, they all skip it because it is scary and confusing.
-
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Dashrender said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@JaredBusch said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@JaredBusch said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
This only occurs, that I've seen, during OOBE when you set up the PC as a local, non-domain, non-Microsoft-Account, user.
Correct, as a standard local account. The "normal" way. Most people don't use AD, even in business this is dropping off quickly. And lots of people don't want to deal with those ridiculous MS accounts that they try to ram down everyone's throats. And who knows how secure those are, anyway.
That is not the normal way to set up windows anymore and has not been for quite a while. The normal way to set up windows is with a Microsoft account. In fact you have to click no to setting up a Microsoft account multiple times in order to set up a PC without a Microsoft account
That's what they promote, but I wonder how many people are actually doing that.
Probably most that don’t use AD. Of course some will not, but not many.
I tend to agree - most home users will use a MS account simply because it's what's presented. IT folks and some programmers might not, but I'm willing to bet it's way over half that do.
Have you seen a lot of home users doing this? I have not, of course my cross section is tiny. But of the ones I see that have zero tech skills, they all skip it because it is scary and confusing.
The option to skip it's obvious enough for most people I run into - they just do it, even if that means setting up a new account.
-
I constantly skip the MS account because it's just irritating to need yet another account.
And I don't want everything tied together.
-
@Dashrender said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Dashrender said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@JaredBusch said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@JaredBusch said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@scottalanmiller said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
@Obsolesce said in Why, in 2018, is Microsoft adding security questions to Windows 10?:
This only occurs, that I've seen, during OOBE when you set up the PC as a local, non-domain, non-Microsoft-Account, user.
Correct, as a standard local account. The "normal" way. Most people don't use AD, even in business this is dropping off quickly. And lots of people don't want to deal with those ridiculous MS accounts that they try to ram down everyone's throats. And who knows how secure those are, anyway.
That is not the normal way to set up windows anymore and has not been for quite a while. The normal way to set up windows is with a Microsoft account. In fact you have to click no to setting up a Microsoft account multiple times in order to set up a PC without a Microsoft account
That's what they promote, but I wonder how many people are actually doing that.
Probably most that don’t use AD. Of course some will not, but not many.
I tend to agree - most home users will use a MS account simply because it's what's presented. IT folks and some programmers might not, but I'm willing to bet it's way over half that do.
Have you seen a lot of home users doing this? I have not, of course my cross section is tiny. But of the ones I see that have zero tech skills, they all skip it because it is scary and confusing.
The option to skip it's obvious enough for most people I run into - they just do it, even if that means setting up a new account.
It is obvious? not really. And even if they see it and click on it, you have to refuse once or twice more.
