clock menu more-arrow no yes

Filed under:

Windows 8 will sync passwords between computers, use virtual smart cards

New, 29 comments

Microsoft has announced that Windows 8 will use Live ID to sync passwords across trusted computers on the OS, and is simplifying the use of the Trusted Platform Module to store private keys for high-security business users.

Smart Card Reader
Smart Card Reader

With Windows 8's cross-computer password syncing, Microsoft is looking to bypass what hacker Kevin Mitnick has called the weakest link of computer security: the user. After signing in using a Live ID — a new feature on Windows 8 — you'll be able to store any passwords you create, then sync them across all other trusted Windows 8 machines. Since the Live ID is the only password you'll need to know, other passwords can be set to long, complex, and unique values that would be difficult to remember otherwise.

If you think this sounds familiar, you're right — Microsoft is taking on services like 1Password and LastPass, which use a master password to sync login information across devices. While we could see them extending the password system to a new version of Windows Phone, users with a computer, phone or tablet outside the Microsoft family will probably need to stick to one of the cross-platform solutions.

Microsoft is also taking security a step further for business users by helping simplify the dedicated hardware requirement for public/private key encryption, a more secure version of credentials exchange. Windows 8 will make it easier for private keys to be stored on the Trusted Platform Module that already exists in many PCs, rather than on separate smart cards like the one shown above. For some corporate types, that could mean one less card to carry around — and it could lower the inconvenience level enough to encourage broader adoption.