Borealid 21 hours ago

TPMs support setting a PIN without which a key cannot be used.

The PIN can be an arbitrary string (password).

tegmentum 19 hours ago

I wish they wouldn't do that with the naming. It's confusing as hell to call it a PIN (Personal Identification Number) if it's actually a password.

ButlerianJihad 18 hours ago

Well... it would also be confusing to call them "passwords" because they are not that.

  In addition to biometric authentication, Windows Hello supports authentication with a PIN. By default, Windows requires a PIN to consist of four digits, but can be configured to permit more complex PINs. However, a PIN is not a simpler password. While passwords are transmitted to domain controllers, PINs are not. They are tied to one device, and if compromised, only one device is affected. Backed by a Trusted Platform Module (TPM) chip, Windows uses PINs to create strong asymmetric key pairs. As such, the authentication token transmitted to the server is harder to crack. In addition, whereas weak passwords may be broken via rainbow tables, TPM causes the much-simpler Windows PINs to be resilient to brute-force attacks.[139]
https://en.wikipedia.org/wiki/Windows_10#System_security

So you see, Microsoft needs a way to describe an access code that isn't a password, because it's more secure than that, but yet it isn't exactly a number, so what do you call it? "PIN" is perhaps an unfair recycling of an in-use term, but should they coin a neologism instead? Would that be less confusing?

XorNot 17 hours ago

Secret Code Word.

Communicates it is meant to be secret, and can be a short memorable thing.

palata 16 hours ago

Though if your computer is compromised, then the malware can read the password, right?

Borealid 15 hours ago

If your computer is compromised while you enter the PIN in such a way that the malware can read your input, yes.

If your computer is compromised after you've already entered the PIN, or there is an app running on the computer but it is not sufficiently privileged to sit in between you and the TPM, no.

That's quite good protection generally. The defense against this type of attack is to get a smartcard reader with an on-board PIN entry keypad - those do exist, but it's quite a step.