A Windows security update, Windows Hello and more have bloggers talking

Explore what Windows bloggers are writing about across the Internet. Topics range from upgrading on a budget to recovering Windows passwords to the security upgrades of Windows Hello.

The wonderful world of Windows never sleeps. There is always something new to keep an eye on, or some problem to solve.

Windows 10 is still the biggest topic in the Windows blogosphere. As companies gear up to migrate to Microsoft's latest operating system (OS), they still have a lot of questions, including how to make the move without breaking the bank.

Bloggers are talking about the OS for some good things -- as well as some not-so-good things. Windows Hello is on the positive side of the spectrum; it adds two-factor authentication to Windows security. On the negative side, Microsoft included a Windows 10 upgrade advertisement in its Windows security update for Internet Explorer on Windows 7 and 8.1 in a less-than-subtle and unwelcomed attempt to get users to migrate to the new OS.

Take some time to see what top bloggers are saying about Windows, including how to recover a variety of passwords and more.

Windows 10 on a budget

Windows 10 has quickly made a name for itself in terms of desktop market share. As of this writing, it commands almost 13% of the market share; only the Windows 7 juggernaut consumes more of the market. Clearly, people are adopting Microsoft's new OS, and any organizations considering making the move probably want to know the best way to do so without ruining their budgets.

Windows 10 has quickly made a name for itself in terms of desktop market share. As of this writing, it commands almost 13% of the market share.

There are four main steps organizations must take, according to Mikey Anderson's blog. First, address hardware. Understand Windows 10's hardware requirements, including tangential tools, such as mice and keyboards. If they're all compatible, great -- there's no need to buy any new hardware. If they aren't, IT may be able to simply install new drivers.

Next, check out software licensing. If an organization already runs Windows 7, 8 or 8.1, it shouldn't have much to worry about. But IT should still contact its software vendors to ask about any unexpected hiccups, such as hidden upgrade costs. An OS upgrade is also the perfect time to weed out any superfluous licenses a company doesn't need to pay for anymore.

IT should also re-examine its mobile device management policies. Windows 10 has a host of MDM features built-in, including data leakage protection and user authentication.

Finally, when a company switches OSes, it should update its disaster recovery plan -- especially if it had to introduce a lot of new hardware. Team up with a quality data recovery team and prepare for every possible eventuality. The more prepared IT is, the more time and money the company saves if disaster does strike.   

Shady advertising in Windows security update

If users see a Windows security update, they are almost always going to accept it, because they want to keep their data safe. And they certainly don't expect to have the Windows security update include advertisements. Well, in Microsoft's latest security update for Internet Explorer on Windows 7 and 8.1, that is exactly what users got, according to Shaikh Rafia's blog post. The patch has a built-in Windows 10 ad generator that places a banner on new tabs in Internet Explorer, suggesting users upgrade to Windows 10. It also adds a tutorial on how to get started with a Windows 10 upgrade.

This sneaky move is not Microsoft's first foray into trickery with Windows 10 upgrades. In some cases, Microsoft automatically downloads Windows 10 during an update, or says a Windows 10 upgrade is "recommended" on Windows Update, essentially trying to trick users into moving to the new OS.  

Greet Windows Hello

No matter how hard IT tries to make passwords safer, they are still risky. Users must remember them, they have to be stored somewhere, and they can easily be stolen by man-in-the-middle attacks and other malicious activity, Sam Basu said in his blog. Windows 10 brings two-factor authentication to the table with Windows Hello. The new tool uses biometric authentication techniques and stores the data on a user's device, so the access information only works on that specific device. Because the login information is unique to the device itself, nothing is transferred between devices and nothing is sent across a wire or shared with third-party apps.

Hello offers three authentication types. The first is a PIN, which users must set up before they can even use Windows Hello. The PIN serves as a failsafe in case any of the biometric tools don't work for any reason. But why a PIN is better than a password? With Windows Hello, the PIN only works on the specific device; potential intruders need the device in their hands if they want to get in. The PIN is not stored on a server; it's on the device itself. And IT can make the PIN requirements as complex as it wants.

The other authentication types are facial and fingerprint recognition. Facial recognition uses infrared cameras to perceive depth, so a photograph cannot trick it. The problem with both options is that only some devices have the necessary sensors built in to make them work.

Windows password recovery tools

Forgetting a password can be frustrating for users. After running through all the go-to options, recovering one can seem hopeless, but it's not. Windows includes a variety of password recovery options for almost any situation. These recovery options also reveal some of the security concerns inherent in passwords, Eric Geier wrote.

If a user  forgot a password on a Web browser, for example, Chrome and Firefox save a list of passwords in the browser settings. Internet Explorer has a similar feature on Windows 8 and later in the Credential Manager. There are also third-party tools, such as WebBrowserPassView, IT can use to recover saved passwords. Obviously, this is risky, because the third-party tool is out of IT's control and the passwords can be stolen. That's why it's important to find a third-party password manager that encrypts the passwords.

Users may also forget their Wi-Fi network passwords. But if they run Windows 7 or later, they can open the Network and Sharing center, click Manage Wireless Networks, open the network they need and find the password in the security tab.

If a user forgets his Windows account password on Windows 8, 8.1 or 10, admins can reset the password anywhere on the Microsoft site. If the user is on Windows 7 or XP, admins can turn to bootable tools and remove a password offline. Fair warning: This procedure can delete some secured data, including saved passwords or Windows encrypted files.

Next Steps

Windows 10 migration station

Work through the Windows 10 update process

How to upgrade from XP to Windows 10

Dig Deeper on Windows 10