Now, with Windows Vista, Gates feels he finally has the right weapons to supplant the password as a means of verifying who is who on computers and over the Internet.
The new operating system, due later this year, introduces a concept called InfoCards that gives users a better way to manage the plethora of Internet login names and passwords, as well as lets third parties help in the verification process. Vista will also make it easier to log on to PCs using something stronger than a password alone, such as a smart card.
"We're laying the foundation for what we need," Gates said in a speech at the RSA Conference 2006 here.
Even with the advancements, Gates said he wasn't naive enough to think the password would go away overnight.
"I don't pretend that we are going to move away from passwords overnight, but over three or four years, for corporate systems, this change can and should happen," he said.
Replacing passwords is part of Microsoft's endeavor to simplify security, which Gates said is dearly needed. "We have an overly complex system today," he said. Vista and Microsoft's upcoming security products, such as Windows OneCare Live and Microsoft Client Protection, will make life easier for consumers, he said.
Microsoft has described InfoCard as a technology that gives users a single place to manage various authentication and payment information, in the same way a wallet holds multiple credit cards.
InfoCard is Microsoft's second try at an authentication technology after its largely failed Passport single sign-on service, unveiled in 1999.
InfoCard attempts to address the complaint many critics had with Passport, which was that people's information was managed by Microsoft instead of by the users themselves and the businesses with which they dealt.
Although Microsoft has talked about InfoCard, and early versions of the InfoCard code were released to developers last year, Gates' speech marked one of the first times Microsoft has demonstrated publicly just how it might work.
In a presentation, Microsoft showed how a consumer could use a self-generated InfoCard to log in to a car rental site and then use a separate InfoCard from a membership group to get a discount on the rental.
Internet Explorer 7 will support InfoCard, Gates announced. The technology will also be available for Windows XP, Microsoft said. InfoCard is one of several technologies Microsoft is developing for Vista, but the company is also making it available for XP.
Microsoft acknowledged that replacing passwords is something that needs to be done at the system level, but Gates said the company is also working on technologies to enable various identity systems used on the Internet to work together, something it calls the Identity Metasystem.
Video:
The end of passwords?
Bill Gates urges the death of all passwords and offers alternatives from Microsoft.
In order to provide people with better identity verification as they do business online, Microsoft is asking for a stronger type of digital certificate, a so-called high-assurance certificate.
Digital certificates are already widely used today in Web browsers to show that traffic on a Web site is encrypted and that a third party has identified the site and has vouched for its validity. But in recent years, standards of verification have slipped, undermining the sense of security implied by the padlock. That's why Microsoft and others have called for a new type of certificate.
Microsoft on Tuesday announced the first beta of Microsoft Certificate Lifecycle Manager, a tool meant to streamline provisioning, configuration and management of digital certificates and smart cards, the company said.
All eyes on anti-spyware
Gates also touted several of the other security capabilities that will be part of Windows Vista. In a demonstration, Microsoft showed its anti-spyware technology, as well as a new mode that runs Internet Explorer in its own "sandbox" so Internet code can't cross over into the rest of a PC.
As expected, the company on Tuesday released a second beta version of Windows AntiSpyware, now called Windows Defender. The first test version of the spyware-fighting tool has been popular, with more than 25 million downloads from Microsoft's Web site.
Windows AntiSpyware has been available in a beta version since January of last year. The program is designed to protect PCs against spyware, which is software installed on a system that's designed to watch the computer user's activity without his or her knowledge.
Windows Defender already exists by that name in the latest preview release of Vista. Microsoft plans to ship Windows Defender as part of the operating system, it has said. At last year's RSA Conference, Gates announced that Microsoft would deliver anti-spyware at no cost.
IE 7 also was announced at last year's RSA event. It includes many security and privacy protection capabilities, such as mechanisms designed to combat phishing attacks, spyware and other threats. Cyberattackers have exploited security flaws and weaknesses in the current version of Microsoft's Web browser in many attacks. A public preview of IE 7 was released in late January.
SAN JOSE, Calif.--For years, Microsoft Chairman Bill Gates has had his sights set on the password as the weak link in the computer security chain.Now, with Windows Vista, Gates feels he finally has the right weapons to supplant the password as a means of verifying who is who on computers and over the Internet.
The new operating system, due later this year, introduces a concept called InfoCards that gives users a better way to manage the plethora of Internet login names and passwords, as well as lets third parties help in the verification process. Vista will also make it easier to log on to PCs using something stronger than a password alone, such as a smart card.
"We're laying the foundation for what we need," Gates said in a speech at the RSA Conference 2006 here.
Even with the advancements, Gates said he wasn't naive enough to think the password would go away overnight.
"I don't pretend that we are going to move away from passwords overnight, but over three or four years, for corporate systems, this change can and should happen," he said.
Replacing passwords is part of Microsoft's endeavor to simplify security, which Gates said is dearly needed. "We have an overly complex system today," he said. Vista and Microsoft's upcoming security products, such as Windows OneCare Live and Microsoft Client Protection, will make life easier for consumers, he said.
Microsoft has described InfoCard as a technology that gives users a single place to manage various authentication and payment information, in the same way a wallet holds multiple credit cards.
InfoCard is Microsoft's second try at an authentication technology after its largely failed Passport single sign-on service, unveiled in 1999.
InfoCard attempts to address the complaint many critics had with Passport, which was that people's information was managed by Microsoft instead of by the users themselves and the businesses with which they dealt.
Although Microsoft has talked about InfoCard, and early versions of the InfoCard code were released to developers last year, Gates' speech marked one of the first times Microsoft has demonstrated publicly just how it might work.
In a presentation, Microsoft showed how a consumer could use a self-generated InfoCard to log in to a car rental site and then use a separate InfoCard from a membership group to get a discount on the rental.
Internet Explorer 7 will support InfoCard, Gates announced. The technology will also be available for Windows XP, Microsoft said. InfoCard is one of several technologies Microsoft is developing for Vista, but the company is also making it available for XP.
Microsoft acknowledged that replacing passwords is something that needs to be done at the system level, but Gates said the company is also working on technologies to enable various identity systems used on the Internet to work together, something it calls the Identity Metasystem.
Video:
The end of passwords?
Bill Gates urges the death of all passwords and offers alternatives from Microsoft.
In order to provide people with better identity verification as they do business online, Microsoft is asking for a stronger type of digital certificate, a so-called high-assurance certificate.
Digital certificates are already widely used today in Web browsers to show that traffic on a Web site is encrypted and that a third party has identified the site and has vouched for its validity. But in recent years, standards of verification have slipped, undermining the sense of security implied by the padlock. That's why Microsoft and others have called for a new type of certificate.
Microsoft on Tuesday announced the first beta of Microsoft Certificate Lifecycle Manager, a tool meant to streamline provisioning, configuration and management of digital certificates and smart cards, the company said.
All eyes on anti-spyware
Gates also touted several of the other security capabilities that will be part of Windows Vista. In a demonstration, Microsoft showed its anti-spyware technology, as well as a new mode that runs Internet Explorer in its own "sandbox" so Internet code can't cross over into the rest of a PC.
As expected, the company on Tuesday released a second beta version of Windows AntiSpyware, now called Windows Defender. The first test version of the spyware-fighting tool has been popular, with more than 25 million downloads from Microsoft's Web site.
Windows AntiSpyware has been available in a beta version since January of last year. The program is designed to protect PCs against spyware, which is software installed on a system that's designed to watch the computer user's activity without his or her knowledge.
Windows Defender already exists by that name in the latest preview release of Vista. Microsoft plans to ship Windows Defender as part of the operating system, it has said. At last year's RSA Conference, Gates announced that Microsoft would deliver anti-spyware at no cost.
IE 7 also was announced at last year's RSA event. It includes many security and privacy protection capabilities, such as mechanisms designed to combat phishing attacks, spyware and other threats. Cyberattackers have exploited security flaws and weaknesses in the current version of Microsoft's Web browser in many attacks. A public preview of IE 7 was released in late January.
