Hands-On Windows 102 transcript
Please be advised this transcript is AI-generated and may not be word for word. Time codes refer to the approximate times in the ad-supported version of the show
0:00:00 - Paul Thurrott
Coming up next on Hands-On Windows, we're going to take our first look at password managers, specifically what you get with Windows 11. Podcasts you love From people you trust. This is Twit. Hello everybody, and welcome back to Hands on Windows. I'm Paul Thurott and this week we're going to take the first of what I think will be two separate looks at password managers. We've talked about securing your Microsoft account. We've talked about pass keys a couple of times, but another key part of this online account security story, of course, is password managers, which most of us think of as maybe autofill, especially on mobile right, but password managers work on desktop systems as well, like Windows, usually through web browsers, with an extension, sometimes with a standalone app as well. It depends on the solution, and it's highly likely that most of you are using, or have used, multiple password managers, which isn't necessarily a great idea. So that's something we'll look at in the next episode, but for now, what I wanted to focus on was what you get with Windows 11 or just Windows, I guess and more specifically, what you get by using a Microsoft account, which is the way that most of us do sign in to Windows in the first place. Right, so Windows 11. Right, if you do things the Microsoft way, you sign in with your Microsoft account. That gives you certain advantages related to security and convenience. Right, your password from your micro or really the authentication token, I guess, for your Microsoft account passes through to some of the built-in apps. So if I go into OneDrive, for example, I don't have to sign into this. It has my sign in from the Windows sign in. Same thing with Microsoft Edge, although you can opt out of that in both cases, of course. Copilot same thing. A lot of the experiences and apps that come with Windows 11 just kind of synchronize up with your Microsoft account.
There are additional things which we can't cover everything here this week, but we I did talk about in a previous episode securing your Microsoft account. I assume and hope that everybody is using some form of two factor authentication to secure that account, that everybody is using some form of two-factor authentication to secure that account. The best solution right now is still a authenticator app like the Microsoft Authenticator app on your phone, right, someday Passkeys may evolve into that great solution. Right now it's kind of a mixed bag there, but that's the way to go. So and we talked in a previous episode too about uh, windows 11's native windows 11's native support for passkeys, which is not fantastic.
But when you sign into a computer using your microsoft account, you get a passkey and ideally that passkey is would pass through as needed to online services, say through a web browser. In my experience that doesn't happen very often, but that's the theory. But this is actually not tied to your Microsoft account. This is tied to your computer, which, by the specification, is how pass keys are supposed to work. If you want to see the information that's tied into your Microsoft account, you actually have to launch Microsoft Edge not Microsoft Designer, but Microsoft Edge and you could go to your Microsoft account website from here. There's nothing there for passwords at all. I mean, there's something there for your Microsoft account password, but not for your actual passwords, the passwords that are associated with your Microsoft account. So to see that you actually have to go into the browser settings. So there's a couple of ways to get to it. It's not obvious. You look over here and I don't see. I don't see anything related to passwords out here.
You think this would be a top level item, but in your profiles page there is this thing called Microsoft wallet, which is kind of a terrible name, frankly, but they went with this because, like other password managers, microsoft's password manager does more than just manage passwords, right, it manages online payment methods, it manages some personal information it's kind of light in this case, but and it can do other things, and so they're calling it Microsoft wallet, for whatever reason we can. These are all their own little interface. If you open Wallet, you get this kind of almost goofy interface because they want you to do these other things with it. Right, you can add memberships, gift cards, point cards, cashback offers. It integrates with Microsoft Rewards, microsoft Cashback as well. So, if you're using Bing and all that kind of stuff.
But really the important stuff here to me is the personal information, the payment methods and the password management bit, right, and so I'm going to focus mostly in the passwords, because that's kind of job one here. But, um, you can see I have 360 different accounts set up. From a basics perspective, this thing will do those things that you would expect. Right, you can view and edit passwords in this list. If you want, you can auto fill those passwords. If you go to an account, it will auto fill that information for you, which is ideal. It's supposed to do that for passkeys. You know it's getting there, but not exactly. You can import and export your passwords. So if you're coming from a different password manager, for some reason you're going to this or vice versa, you can do that kind of stuff, but this to me is just about the baseline, right, and so password storage and management good.
It's talking about reused passwords. A lot of them are reused. That's bad. I have a lot of those things not good and weak passwords. I have some of those as well, and so it will point those things out. You can go through the list and you can change them, which is what you should do. It will recommend passwords, which is also good, but you know just the basics.
One of the problems here is that if you I just installed this app, so Netflix, I have a Netflix account, right, and Netflix is absolutely in that list. And if I try to sign in sorry, oh, I signed up, already signed in everybody. If I try to sign in sorry, oh, I signed up, already signed in everybody. Uh, if I try to sign in, um, what you'll find out is that that password, uh manager, is not here. I can't, it doesn't work.
So if you're familiar with a mobile device like an iPhone or an Android device. You know that whatever you're using for autofill, your IE or password manager will autofill passwords in apps as well, and that's not the case on windows. So that's a minor inconvenience, but it's just one of those things to kind of know. Um, I don't believe there are any third party apps that, um that work that way. So it's it's not just Microsoft. Um, if you do want to use um, the Microsoft wallet I guess we'll call it the Microsoft password manager, as I think of it to manage your passwords, you can and you can use it on mobile as well, right?
And so there are a couple of different ways to get that thing on your mobile device. The most obvious is to use the Edge app, the Edge mobile app, if that's the browser you use and you use it on your iPhone or Android device or whatever. You can configure it in either system to be the autofill for passwords, right? So that works fine. You could also use the Microsoft Authenticator app, right, this is the app that I keep mentioning for the 2FA authentication. It also does password. It connects into your Microsoft account password database, so you can do password management, autofill and two of a all from that one app. So if you say you use Chrome or Safari or whatever, you can still use your, you can still use the I keep thinking of as your Microsoft account password manager.
There are downsides. So there is a Microsoft autofill browser extension for Chrome and Chromium based browsers. So if you use Chrome or Brave or Opera or Vivaldi, you're set like that's going to work fine. If you use Firefox or you have a Mac and you use Safari, there is no extension. So that's a big limitation and, depending on your needs, that could be bad and depending on your needs, that could be bad. And then the other thing is that standalone password managers offer a range of features that are much nicer than what Microsoft offers through wallet Dark web monitoring.
In addition to looking for passwords that are reused or weak passwords, a lot of them also work for accounts or look for accounts that have 2FA capabilities but you're not using them, and so it will highlight those so you can go through each of those accounts and add 2FA and make those accounts more secure and smart. We're starting to see the same functionality for passkeys. Right, it will give you a list of the accounts you have configured where that account type supports passkeys. You don't have a passkey for that account and you can go through that process from there. This is just basic security stuff. So you know, there's a cute little selection of things that Microsoft has around shopping and whatever. There's this ridiculous thing down at the bottom which, by the way, the way to get rid of that, because it doesn't make sense is this E tree thing that gets rid of that silly graphic that was down there. But they're lacking in what I think of as some really basic security functionality that we should all have. Microsoft does a good job of helping you secure your Microsoft account, but they don't really do a good job of helping you secure your other online accounts which you may or may not be managing with your Microsoft account. So my advice is, even if you're a diehard Windows guy or gal or whatever, you should use a third party password manager. I'm going to look at at least a couple in the next episode and we'll talk about what that looks like.
You can bring all your stuff over from Microsoft to whatever the solution is you choose. There were free options and paid options. The paid options are not expensive. Typically, the ones that you would pay for are somewhere in the $30 a year range. But there are a lot of good free choices as well.
These things work across platforms. There are a lot of good free choices as well. These things work across platforms. They work Windows, mac, linux, web, mobile. Obviously, some of them have standalone apps on Windows. Some of them are just browser extensions. You know lots of choice, so we'll look at that, but I it's OK to use Microsoft Edge. It's using your Microsoft account with windows 11 makes tons of sense.
I strongly recommend that to most people, um, but I really, really, really feel strongly you shouldn't uh, manage passwords with your Microsoft account, and so it works and it's basic. But I think you need and deserve more than that and we want to keep those accounts secure. So in the next episode I'll take a look at some other solutions and I'll just say whatever you choose, it will offer more than the Microsoft stuff, for sure. Okay, so hopefully that wasn't too confusing. Hopefully you found that interesting and useful and we'll follow up with the part two. But thank you for watching. We'll have a new episode of Hands on Windows every Thursday. You can find out more at twittv slash how. Thank you so much for watching. Thank you, especially to our club Twit members, we love you and appreciate you so much, and I will see you next week.
