Win8/Win8.1 picture password, just looks beautiful?

Although we often be warned when creating passwords online, "Do not use excessively simple passwords or always use the same password", a large number of people have adopted a direct disregard. In fact, even if we use a password with a high security factor, hackers can still get user passwords in a variety of ways.
In 2011, Microsoft introduced a cryptographic technology that combines image and touch-screen gestures in Win8. Microsoft has claimed that this password method allows users to have 11,5550,9083 passwords that can be created, which will be much safer than PIN numbers or text passwords.

This sounds like a perfect way, but the reality is not. Recently, a research team from Arizona State University, Delaware State University, and GFS Technologies found that users who use Microsoft's password-setting technology generally upload their own photos and then often choose Some specific points in the picture, such as a person's nose, eyes, etc., set a gesture password.
The survey results show that in the survey of 685 Windows8 users, 60.3% of users will choose these "specific points" to set passwords, and only 8.9% will choose "points" that are not obvious in the pictures. To set a password. The researchers then attacked the passwords through the algorithms they created, and the results broke through 48% of the computers.
It seems that this perfect password technology is not as we think, the research team suggested that Microsoft should create a picture password strength meter for this password, let users judge the security strength of the picture gesture cipher created by themselves. Is it high enough?