Slashdot Mirror
Pictorial Passwords
Stone Rhino writes: "No longer do you need to remember passwords. Now, thanks to graduate students at Berkeley you merely need to pick out the right pieces of abstract art. There is a story on it at the New York Times. However, there is a problem with it that I see: 5 images from a set of 25 means 53,130 potential combinations. This would be much easier to crack by brute force than a standard alphanumeric password with its billions of possibilities and millions of likely choices." Maybe you have to get the sequence of images correct? If so there are some six million combinations, still weaker than a optimum password but probably stronger than the passwords most people choose (usually their significant other's name). There's another article on passwords in that same NYT edition.
Looks like they are planning on using it for ATM Machine's which only have 4 digit numbers... seems like a better idea to me.
Nobody will ever find out my password, because it's "swordfish"!
These links to stories that can't be read are rather annoying. Isn't there enough news that can be read without an obnoxious registration procedure? (For the record, yes I have registered a couple of times. And forgotten the password. It just ain't worth doing again. I still haven't managed to kill the emails I get from the last registration.)
Sure, why not? At least one penguin would be in any Linux user ;)
> than the passwords most people choose (usually
> their significant other's name)
So does this mean that the harder a person's password is to crack, the less likely they are to have a sex life?
Customer's have enough trouble understanding "click the button with the X in the upper right corner".
I wouldn't know where to begin trying to describe what pictures to use for their password... "Ok, now choose the picture that looks like a moose being sucked into a vortex".
I agree with the article poster on combination issues, sooooooo, what about a drawing addition, it shows you a piece of abstract art and you draw (ala Graffiti style) your interpretation......
Oh wait , thats no good, all the guys will be drawing boobs and all the girls cats......Hmm Ok weve got our combinations down to 2, what not that is reached this level of sophistication and security MS will buy the patent for sure......
Seriouly keep working on it guys it could be cool.
Sig went tro...aahemmm.....fishing........
First Link: http://college.nytimes.com/2001/12/27/technology/c ircuits/27PBOX.html
c ircuits/27PASS.html
Second Link: http://college.nytimes.com/2001/12/27/technology/
This seems to be a great example of a unique and rather interesting way of looking at something we use every day which will be an impossible sell in the real world. We're stuck in the mindset that "My password is...X-X-X-X" rather than "My password looks like..." I'd expect to see more studies about password retention and techniques.
I wonder how the ATM screen burn would play hell with this.
-Barkeep, a draft of your most hazardous brew, for the world is slowly stepping into focus, and I don't like what I see.
"Galadriel is one icy babe but Jackson got it right"
Password: gi1ibbJgir
And I'm sure this approach is nothing new to most /.'ers. And the cool thing is that just a couple of words from the password, say Galadriel and babe, is enough to bring the bloody password back long after one's finished with it.
Feh!
:wq
until the dolphin hacked his brain :P
-motardo
Here is the right link
Story here no login required
A year or so ago, I found this little beauty: PassFace Technology -- Give it a try. You click on people's faces to get in.
What was interesting was that in finding that URL, I went back to the site for the first time in over a year, and was able to log-in no problem. I remembered my combination of faces.
There's definitely something to this technology!
rOD.
Rod Begbie done this, and he's not
Remembering passwords can be tough, granted, but I don't think pictures are the answer either. If you only had one or two "passwords" (Picwords? Passpics?) to worry about, but more than that, you'll just start to confuse pictures from one set to another.
Also, what about the disabled? It would seem like a no-brainer to offer vision-impaired an alternative, text-based password, but if your rolling this out large scale (like ATM's or something), you might be looking at a number in the thousands of customers who can't use your picture-password system. Major admin headaches.
It hurts when I pee.
...will become more demanding. There are lots of terminals around that are not capable of displaying graphics.
"Even high-ranking executives may act on naïve impulses when it comes to choosing a password"
Even high-ranking executives? Make that especially.
To increase your security, instead of using your significant other's name, use your significant others' name. Get more {girl, boy}friends.
RealUser has done almost exactly the same thing, except using faces, not abstract designs. It's worth checking out their site, since they seem to have thought it through reasonably well. (Read the whitepapers; they have the real meat...) One of the interesting things about these systems is that since you can't describe your password, the correct choices have to be displayed on screen along with some invalid choices, which opens up the system to some attacks unless you construct it very carefully.
The latest PocketPC OS have a nice way of avoiding bruteforcing of four-digit passcodes. There is simply a growing delay between each time you can enter a new passcode after entering a wrong one, so that after entering the wrong passcode seven times or so, there is an almost ten second wait before you enter in a new passcode.
:)
Wouldn't this be a good way to avoide bruteforcing of these pictorial passwords?
Have you seen Safe House film? http://us.imdb.com/Title?0120051
There's a intesting way to draw passwords.
I've found that most of the people I know tend to use the same password or pin for everything they have - their e-mail password is the same as their AOL password is the same as their bank PIN and so on.
Using pictures would make this all but impossible, since every provider would (or at least, SHOULD) be using their own set of pictures.
While that's all good for security, I can't believe that it would make remembering your password any easier. Since the story is touting that as the chief benefit, I think they're going to have a really hard sell.
What's your damage, Heather?
Can you imagine having an emergency in our future-tech age?
"No Bill, it's Black Guy, Asian Guy, Samoan Woman, Black Guy with the scar, White Guy with glasses! Hurry up before the Holodeck explodes!"
------
Today's Top Deals
The point being of course, that for a password to be easy to remember, it does not have to be a literal word. It can be based on some other factor that is easily memorized, not based on words at all.
"It is a greater offense to steal men's labor, than their clothes"
However, there is a problem with it that I see: 5 images from a set of 25 means 53,130 potential combinations. This would be much easier to crack by brute force than a standard alphanumeric password with its billions of possibilities and millions of likely choices."
Gee, how about we just stick to the good old "3 tries and you're locked out" system we've had for, oh, 20+ years now?
------
Today's Top Deals
everyone knows that the three most commonly used passwords are love, secret and sex, but not necessarily in that order.
oh, and don't forget god. system admins love to use that one, its the whole male ego thing.
The world moves for love. It kneels before it in awe.
A cursory reading of the article suggests that passwords aren't limited to permutations of 25 elements; 25 is just the number of images against which you have to verify. It's like being shown a list of 128 binary numbers and asked to choose the one that's yours; the numbers themselves can be more then 7 digits long. Of course, that still means that some mechanism is necessary to prevent brute-forcing, but that's a relatively trivial problem (especially in contexts like ATMs, where they already do that).
Passwords have never been more than a low level rung on the ladder of trust. If you want security, equip the ATM with a fingerprint pad and/or a camera and eye piece capable of taking retinal prints.
The rest, as we can read, is just a bunch of jokes.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
'nuff said
But I have done my work in the IT-support dept. and I think that many would agree that this system would be a lot better in many cases.
I have seen to many times people doing all the "don't do's" like writing down the password and putting it on the desk, keyboard, monitor. and forcing them to change the password once in a while makes it even worse, like they use a name followed by a number and then they just increment the number when the have to change the password.
The lack of a single signon often amplifies this problem.
If I remember correctly, there were some SNES games that used this scheme before. I think that some FIFA game used arrows to represent passwords, and used the control pad to input them. Of course, the maximum combinations were 4^n being n the lenght of the string.
By other side, the alphanumeric characters are just the same that abstract symbols, only that they are limited by 36^n combinations, given only uppercase; there is not real difference on using kanji (4000+), hebrew (22-27) or abstract shapes (unlimited?) except for the fact that they may be easier or harder to remember.
Ummm...I'm a lousy artist and probably couldn't accurately duplicate the drawing.
And "being close" and getting through only defeats the purpose of a password in the first place.
OK, they've done a little feasibility study and it's interesting, but what about the details:
1) How do you mail a customer his PIN number/password? How does tech support tell a user that's locked out of his account that his password has been changed to squiggly line with blue background, orange ball, pink hearts, green clovers, yellow moons, etc.?
2) What will the blind do?
3) What about all the terminals in the world (ATM and otherwise) that aren't in color or don't support the needed graphics resolution?
4) How about a more comprehensive study to see if users tend to select the same images? Doesn't do much good to have 25 images if 70% of the population ends up picking the same 5 images every time. If users keep selecting common passwords, how do we know that they won't select common picture combinations?
Not so sure at all.
Have been doing exactly this for at least 6 years.
Karma: Shitty (mostly due to American moderators)
Seems like you'd have to be really careful not to exclude the color blind. And the actually blind. Or just those with bad vision, or really poor visual memories.
Visit me on #weirdness on the Galaxynet.
...if you leave info on your ex-roommate's computer and he loses his junk lawsuit against you and uses the info to steal all your accounts/nicks/webmailboxes/etc.
What I find interesting is that most people have poor spatial reasoning and form recognition. In fact, tests of those two are used in IQ tests and the ASVAB (Armed Services Vocational Aptitude Battery) - specifically for military to guage your ability to avoid friendly-fire incidents, recognize enemy movements/formations/activities.
Since it's obviously not a picture-puzzle to be assembled, I think a lot of people would have a hard time remembering.
think for yourself, you won't like the results if others do it for you.
Uhh... can you see the implications for this and pr0n sites? Hrmm... Jenna Jameson, then Ron Jeremey... crap what was the rest of my password??!!?
We can already do boobs, ya boob.
On the group's page they don't offer any code, but there's a screen shot, some research papers and links to other articles, and a link to Andrej Bauer's (of Forum 2000 fame) Gallery of Random Art.
Drag password icons here: [iMac Chick.gif] [Ranting Steve Jobs on Hitler's podium.targa] [my favorite black turtleneck.psd] [amusing Windows crash bitmap.bmp] [under construction.gif] [mom.psd] [dogs playing poker.psd] [pencil.psd] [profesor Falken.jpg] [joshua.jpg]
sensitiveartist:/home/grafxDSignR #
if someone is so stupid, they can't remember an alphanumeric password and need to point out a picture instead, they have no business ever touching a computer, much less whatever sensitive data is being protected.
And du -k `which login` if you want to guarantee canonical results, but we're not so pedantic that we want to go optimizing our humor now, are we?
Since they intend to use this as an ATM machine security system, its worth noting that since the beginning of ATM machines, generally three wrong PIN number entries in a row will cause it to eat your card. I suppose one could try a couple passwords, cancel the transaction and get the card back and repeat ad infinitum, but this seriously hampers the brute force effort.
Do not taunt Happy Fun Ball(TM)
isn't it a bit odd that the nyt reporter uses a number for her middle name?
nobody
parturiunt montes, nascetur ridiculus mus
I went through the RealUser demo and it seemed easy enough to remember the faces (and presumably any other image based system would be about the same). But I'm only remembering one unique series of faces. As soon as any system like this grows to the point where you have to remember you set of work computer faces, home computer faces, online computer, ATM faces, etc, etc, ad naseum. Not even to mention when work face #3 looks like one of the faces that's a choice for home face #3 but isn't. As soon as a system like this becomes commonplace it would become unusable.
Anybody within viewing distance can watch you enter your password!
At least with typing your fingers obscure the keys, and most people can type their passwords fast enough to make it hard to see.
I saw a similar system once, where users were required to to choose a series of faces. I'm wondering what the degree of success for remembering a password like that would be... I'd think it'd be even higher, since it's easier to remember faces than abstract patterns.
This document contains a rough reckoner for calculating whether a passphrase is strong or weak. It makes the point that for a passphrase to be as strong as the encryption in PGP, it needs to be 30+ characters long. ! Remembering one or two paintings might not quite cut it.
For most systems, you can safely use shorter passphrases if you are only permitted a limited number of attempts or have no access to the machine (like at a bank) or the passphrase is changed frequently, or if the phrase is truly random.
Regardless, the strength of the passphrase is almost always the weakest link in any security system.
"Well, put a stake in my heart and drag me into sunlight."
Not only may it be easier to remember, but it would have the obvious advantage of being immune to keyboard loggers. Perhaps they could get a series of x,y coordinates of mouse clicks but presumably the location of the patterns is randomized so this would be of little use.
So where do I enter this password in my old, trustworthy 10" monochrom vt220 (or my PuTTY at work if you're reaction to the former is "yuck! those should've died thousands of years ago").
A picture of a will,
a picture of hot grits,
a picture of pants,
and a picture of Natalie Portman?
And thats easy to remember!
It seems that a visual password would make it much easier for someone across the room to see and learn. One would have a hard time looking at my keyboard if they were behind me, but the whole reason any password login puts bullets on screen is so someone looking at the screen can't see it. Does this system use a mouse or is there some way to pick out the pictures using a keyboard with no on screen indicator? Of course, if that's the case, then this system may not be as idiot proof as they hope.
Do not taunt Happy Fun Ball(TM)
1. When you type in a password, and someone is looking over your shoulder, all they'll see is ***** or XXXXX. Protecting from someone looking over your shoulder with this new system will be much harder. 2. Wouldn't gesture based passwords be better for applications where #1 is not a problem?
Why don't using the enterie lab color spectrum?
16,4 mil. times 5 combinations are far more difficulter than choicing 5 out 25 pieces...
The second article mentions the Department of Defense guidelines for passwords. They're an interesting read.
Thank you goatse man! :*)
i'd just like to see this work on a console-only system... perhaps a return of ansi art? :)
09
How is this meant to be secure?!?
In the old days it was possible to say to someone "Don't look at my password!" as you typed it, and even if they did look they probably couldn't get it unless you typed it too slowly.
Now we're selecting pictures on the screen with a mouse? It just won't work!!
However, there is a problem with it that I see: 5 images from a set of 25 means 53,130 potential combinations. This would be much easier to crack by brute force than a standard alphanumeric password with its billions of possibilities and millions of likely choices
What they dont mention is that pictoral passwords are intended to be used in an ATM enviornment, rather that on a LAN. The PIN for your ATM is only 4 numerics long, not even alpha-numeric. A brute forcer can do 2 million/sec on a 800mhz pc, it would brute the entire key space in a millisecond in ATMs.
The reason why PINs are only 4 digits is the other compensating controls you have in the banking enviornment.
1) There is an extremely limited interface to the ATM (just keypad and and a few multi-use keys).
2) The physical security of an ATM, these suckers are actually safes that are resistant to bomb blasts, rednecks trying to tow them away with their 1/2 ton chevys, etc.
3) The PINs are stored on a crypto device, not physically at the ATM, that destroys itself if it is pried open.
So, this would be good for banking applications, but not good on your LAN... for obvious reasons.
I recommend you check out my classmate's Master Thesis on http://www.cs.umu.se/~niklasf/exjobb/.
He is currently working at RSA Labs, so I imagine he knows what he is talking about! :)
I have 1 Gbps Internet access@home
one of the problems that many people have with "strong passwords" is *NOT* their lack of a strong kinesthetic memory- I can ``remember'' any password simply by typing it: sound familiar?
:)
:D)
Problem is that this has NOTHING AT ALL to do with how you actually pull out that memory. I mean, having this strong kinesthetics allows you to keep that password in your head, but it does nothing for pulling it out (unless you ALWAYS use the same password... more on this later)
What triggers that memory really has to be one of four things: A sound, an image, a phrase (written), or a touch. That's not true, at least with me (functional keyed-retreival) but most people at least fall into those four.
This is a cue that your mind uses to pull out those memories at the appropriate moment. The feedback starts and you can whip out your password completely automatically, right?
Some "realistic solutions" to these problems include: BIOMETRICS - which don't require ANY memory, SINGLE LOGIN - which limit the number of cues needed, ASSYMETRIC-KEY - which relies on math, etc, etc.
I say "realistic" because people have used them and they DO work. They don't affect that memory pathway in and of itself, but instead rely on more durable pathways (e.g. outside of the person
Unrealistic methods? Pictorial passwords. Besides the obvious that they're useless to the blind, many (dare I say most? nah, I couldn't find those numbers) people lack a visual eidetic. This means that they're very easy to confuse with similar images - because they cannot be used as triggers for their memory- They simply cannot remember seeing that.
Surely, they can remember the memory of seeing, or the act, maybe if they described it to themselves (common: turning a visual cue into an audio one, but this is time consuming and rarely works for long) - point being, it pushes WAY too much emphesis on only one cue.
With our current method, I gain some visual cues; input fields on the left, on the right, a popup, etc. I also gain some functional cues (mail related? do I know these people? am I these people? was this just a test?)
I then turn all these cues into the blinding flash of realization that sends my fingertips into a frenzy typing out the appropriate login and password for wherever I'm at. (except on slashdot, i'm a wuss... i use cookies
My cues may not be the same as everyone elses' but everyone does have cues. I think that changing the focus of WHAT we remember is less important than changing the cues by which we DO remember.
(There, I think that makes more sense now)
Yeah, it could be immune to keyloggers but it would open up (in my opinion) a much larger security flaw in that anyone watching can see the picture combo you're using. Text passwords had the advantage of being able to type the password fast enough that noone can tell which keys you are pressing.
In order to have secure passwords, they have to be more or less random. It is, however, very difficult to remember long passwords.
I was once toying with the idea of trying to have a computer learn how we type the passoword in, instead of just the password itself. Do you have a favorite password you've been using for a very long time? Do you always type it in the same way (timings between keystokes, optimally the pressure on each key as well). That way passwords would become more secure with age!
Of course, there would be the difficulty of repeating the keystokes under great stress and so forth....
hmm.. if it were 5 out of 26...
you'd have a 5 character, case insensitive password, where the order of letters don't even matter!
again, how is this supposed to be more secure than traditional passwords? Becase you have to learn a new character set?
What's the point. Letters are symbols just like the art. (pick X out of 26). This is not exactly revolutionary.
Know someone who is stealing cable? Report them!
Isn't this the same sort of thing from the movie Johnny Mnemonic. Of course they had Jones the psychic dolphin, to hack his brain.
it's not new. i remember using an apple newton that had a picture based password option.
US Citizen living abroad? Register to vote!
I once read about a hack which consisted of analyzing the "typing rythm" of a user : this way, the system could determine whether the user was hwo he claimed to be by analyzing the time he took to enter his passwd characters, as well as the period of inactivity between pressures on each of the keyboard keys.
Of course applying it may require some learning session from the software...
I however think it is high time we got pressure-sensitive keyboards so that we may finally derivate such idea in some kind of computer-graphology (BTW these keyboards would be great for musicians as well as hard core gamers who need enhanced versatility while fragging around).
Until then, I presume it would still be be possible to use the mouse to write the password instead of typing it.
An advantage of either concept is that the annoying 3 second waiting time we have after a wrong passwd entry could be avoided if the login daemon detects that the attempt is too long to be part of a brutal force/dictionary attack.
Trolling using another account since 2005.
Here is an easy way to keep all your passwords unique and easy to remember.
Take a short obvious word, like "hot", or "mail" for a hotmail account for example. All your passwords have an obvious word. Then create a pattern you use to generate key based on your dumb words that are impossible to forget. One of my old favorites was using the old Konami code on the keyboard layout. i would turn hot for exapmle into hothotho, and then pick the button up up down down left right left right from it. so you get: y9gniygp -all your passwords are complete gibberish, but you can never forget them, and all you have to do is change the pattern once and a while...your simple words never have to change, so you really have less to remember, considering the # of unique passwords you have.
retinal scans don't work for women who become pregnant.
That reminds me of a passage from "The Gripping Hand" where someone enters a password by drawing a cartoon on her handheld computer.
--- even the safest course is fraught with peril
No longer do you need to remember passwords. What do you mean? You still have to recall the images, thus you still have something to remember. Try retina scanning or fingerprinting for a password (or a combination of both) to remove this burden from the user.
"Okay...next click on the picture that looks like big breasts"
-- www.globaltics.net
Political discussion for a new world
Interestingly enough, this is something that I tried hacking out a few years ago (though not under the pleasure of being funded by an academic institution).
I found that people like to click on distinct places, and not the whitespace between shapes/objects. Otherwise, they won't be able to remember exactly which spot they clicked on. This can be analogous to people using dictionary words for their alphanumeric passwords.
Another annoyance that I found was that hitting the exact pixel that you wanted was nearly impossible. You're more likely to hit one adjacent, or 2 away... so increasing the area of error reduces the number of possibilities.
Finally, when I want to get work done, I don't want to play a video game. Making someone hit their exact spot in a sequence of 5, or 10 images, whatever requires skill and accuracy. If you hit the first 9 right, and mess up by one pixel on the last, you have to start all over again. Imagine if you had to achieve a difficult feat - like slaying 20 characters in Quake on nightmare mode before you can log in... damn.
In summary, I think this is a really cool idea (otherwise, I wouldn't have gone to the trouble of implementing it myself) - but the downsides outweigh the benefits.
- passion
...we are allowed repeated characters, right? Doesn't that mean we should have 25^5 = 9,765,625 combinations? I like the security odds if this is coupled with the "3 tries" rule. Here's a potential problem, though: if this type of system is honestly supposed to be used at ATMs, there's a huge conversion cost for every ATM. We can't tie it down to just a regional change, because people move/go on vacation/etc. I can just picture the bank fees increasing again...
This just won't work for most applications.
Oh, maybe for an ATM, where it's more secure than a four-digit PIN, it'd be secure enough, but it's still unworkable.
Most ATMs use very low-res displays; in fact, many are text-only displays. (I believe a large number of them are actual Hercules monochrome cards, with the ATM running OS/2, for instance.)
If you use a touch-screen, it'll become impossible to hide what you're typing, so you pretty much have to stick numbers up there and have people type the number of the correct picture. You'll have to swap the pictures around if you want to prevent people from just writing the numbers down, so you'll end up with it being harder to remember because the pictures are all on screen at once and in a different place every time.
In the end, you'll have to keep the number of pictures low, and the length of the password low, or people won't be able to remember. Hell, people forget their 4-digit PINs now.
At least with a PIN you can disguise it when writing it down; put it in your address book as Uncle Luigi, with the last four digits of his bullshit phone number being your PIN. What are you gonna do if you need a reminder for this, take a Polaroid of the screen and put it in your wallet?
I'm sure there are applications where this technology will work, but I don't think ATMs are it, and I'm REALLY skeptical about using it for locking PCs.
Biometrics are the future of easy-to-remember identification.
Then you could use the whole phrase. No dictionary attack's going to be useful against that, especially if you fiddle with case and it'd take rather a long time to brute force it.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I can't see the point in using this for ATMs. Those things are never brute-forced, it's much simpler to just have a guy stand behind and watch you type. Assuming you still have to press some button to select the pictures, he can still watch. The best security improvement would be a cover over the keypad, or putting the ATM itself inside a one-person sized cubicle.
Of course other systems are subject to brute force attacks on weak passwords...so this may be more approprate there. I can just see it in Windows 2004 - "Press ctrl-alt-del and pick the right 3 cats". Hmmm...business use??
---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"
The biggest security problem is people are vulnerable to social engineering. It is too easy to get someone to share alphanumeric passwords, pictures would make it much harder for people to share passwords. However it seems a little late for this to take off, as biometrics are coming down in price, and will mostly eliminate the problem.
for the project itself
http://www.sims.berkeley.edu/~rachna/dejavu/
Which always seems to be missing.
Much simpler... LOL
/satterth
Being called a dork on Slashdot must be like being called the retard in special ed.
Insecure! Insecure!
This trick is well understood by the crackers of the world, who do not discount passwords to try because they aren't in the OED. They have wordlists of Tolkein, and Dune, and Star Trek, and Star Wars, etc. etc. You'd be better going for something less Geeky.
For me, I use strings of characters based on a keyboard shape. Example: gfhbt makes a sort of star on your keyboard. I add some punctuation in there too of course. You can quickly learn a sort of muscle memory of the movement you make to type it. Doubtless now someone will post explaining how crackers beat this one.
This abstract art sounds a good idea, but surely there's a better way? The human capacity to recognize faces is one of the most effective known. So, make my ATM password Margaret Thatcher, Abe Lincoln, Spock and Graham Chapman(wasn't that an actual plot of an episode?)
~~~~~ BigLig2? You mean there's another one of me?
No, with the realuser faces system, you have to click on 1 face out of a grid of 9 and then repeat a further 4 times. If you complete the sequence of 5 clicks incorrectly three times in a row, you're locked out completely for 5 minutes. Not sure what happens if you get it wrong after the 5 minute wait, I suspect that the account you're trying to log into will be locked completely.
And the people shall be oppressed, every one by another, and every one by his neighbour Isaiah 3:5
can be found in one of the researchers' papers, where it can be seen that the poster, editor, and many of the commentators here make incorrect assumptions. The user of the system must simply recognize which subset of images from a presented set belong to a previously chosen portfolio. The number of images in the portfolio is larger than the number of portfolio images in the presented set; this makes shoulder surfing ineffective unless it is done repeatedly. Also, identification of the portfolio images can be done by pressing keys, and can be hidden just as are conventional passwords. Each image is equivalent to an eight-byte number, but from this large set they have hand-selected 10,000 images for the current implementation, still leading to a very large number of possible passwords.
The weakest part of the system is what I would have thought was the obvious one: quoting from the paper,
Have you ever walked by a secretary's desk and found that he/she had a piece of paper with all passwords on it?
Tell normal users to remember "aybab2u!" is not really workable. They can't remember when they have 5 or more accounts, and then they would write it down.
Just let the users pick whatever they want, and it's the sysadmin's job to secure system (like detecting any cracking attempt?) Asking for difficult to crack passwords encourage written down passwords, which someone with some social engineering skills would get that easier than cracking. (Point of view from 1 article in 2600 magazine.)
A sig is redundant.
And how are we supposed to remember these 5 or so pieces of abstract art in sequence? They all look the same to me!! I expect that most users would store them as image files in sequence in a file and lock them up with an alphanumeric password.
It goes something like this. You choose, say, five pictures when setting up your password.
When entering the password, the computer displays a grid of pictures, randomly placed, one of which is the first of your five.
Once the first picture is selected, a new grid of pictures is displayed, one of which is the second of your five, again, randomly placed. The process repeats for all five pictures.
At each iteration, a cracker is faced with a 1/25 chance of getting the right picture (assuming a 5x5 grid). That's 9,756,625 different combinations. A cracker is also faced with an ever-changing input pattern. The pictures may be in a straight line this time, but odds are against it next time.
There are two other factors which make this system more secure. People are visually oriented, so remembering pictures is easy, especially compared to a mess of uppercase, lowercase and symbols. The other factor that makes this more secure, is that it is difficult to describe pictures to other people. If the system uses pictures of faces for example, it would be very easy to use similar photos (ie same model, different poses, or different models, same pose), and yet it would be difficult to describe to someone else.
"I'm not impatient. I just hate waiting." - My Dad
I thought of two problems with this system, maybe a more comprehensve article would answer these questions.
Anyway, since humans are very good at remembering visual information, wouldnt it be fairly easy to watch someone login a few times and see which images are the same.
Also, i see another problem, if someone was watching you they can determine what images you select. This would happen because of the speed at which you would select the images. since, the images are most likely randomly placed, you cant remember the position of the items, so you have to process the complete set of images and then select the proper images. Then if someone is looking at you, they can see the keys you press, and associate it with the image.
Compare that to textual passwords. You know your password isn't going to change, and even if you type at 20wpm, it would only take 1 or 2 seconds to type the password. And I think, it is much harder to look at your fingers and determine which keys you hit at which time.
By design, only the driver's window on the port side of my vehicle can open. On the starboard side, the front passenger's window can open, and the rearmost window can be propped out about two inches. Other than that, all of the windows are permanently shut. This is the way the vehicle was designed.
"I'm not impatient. I just hate waiting." - My Dad
For example, the user draws the same simple picture several times, abstract or otherwise, and the computer images and stores the picture.
Next time the user wants to login, they are presented with a simple blank square in which to input their password.
This would be an interesting step up for non-typed password authentication. Apple has done some interesting things with voice password recognition in OS 9.x, but it wasn't 100% accurate.
-----
"Cogito Eggo Sum: I think, therefore, waffle."
Does anyone here actually think this is a good or even plausible idea for the general public? The complexity and problems abound. For example:
Whats me password set to when i first receive my card? You're telling me i have to memorize some random images for the first time?
I call the bank/support/whatever and over hte phone want a new pin, gee, thats real easy to explain. Well, your password is now that image that has the kind of horsey looking thing in it and has lots of colors...
What do you mean you're color blind, or better yet, completely blind?!
No matter what, some people will need to write it down. I doubt that they would rather draw a picture of their password rather than keep a few numbers in their wallet (yes, i know that is bad, but welcome to the real world).
The sad thing is this crap will get someone a PHD. Yah grad school.
Why not up the permutations by allowing the user to rotate the selected pictures?
passwords most people choose (usually their significant other's name).
:)
1 2&mode=thread
I thought that one of the most popular was 'god'.
http://slashdot.org/article.pl?sid=98/09/14/19492
--sdem
I'm all for biometric access systems. But as soon as we do that.. All of the privacy freaks will start screaming about being tracked by "the man", because now its a 99.99% chance that it is them. At least if you don't use them, you can always say someone stole your card and figured out your pin number to launder that drug money.
Agreed, on-screen indication of your image choices would facilitate shoulder-surfing. Not Good.
Compatibility with legacy ATMs. There's even more difficulties than just shoulder-surfing... what happens if your account uses a "visual password" and you find yourself at an "old-fashioned" ATM that requires a numeric PIN? Poof! So much for being able to access your account around the world! Unless, of course, you are also required to memorize a numeric PIN, which will likely be forgotten from disuse! Any additional security from the additional permutations offered by a "visual password" would be lost as a cracker could try and break the numeric PIN, instead.
Physical posession of bank card not required. Further, with more and more banks offering on-line access, there is no longer a requirement that the physical card be present at the time of the transaction. Set up a shell account, use the on-line bill-pay feature to send some funds to it from the hijacked account, and the deal is done.
Computing the number of passwords.Since I went through the work of figuring these for myself, I thought I might as well share it here to save others from the work. Also, there are other ways of viewing this which lead to a vastly larger number of choices, so I'll include those here, as well.
Current practice #1. Many accounts require only a 4-digit PIN. Which offers the user a choice of any 4-digit number from "0000", "0001", "0002", ... "9999"; that works out to their being only 10, 000 choices.
Current practice #2. Some accounts permit an 8-digit PIN. Which offers the user a choice of any 8-digit number from "00000000", "00000001", "00000002", ... "99999999"; that works out to their being 100,000,000 choices.
Original posting: 53,130 possible choices. That seemed much smaller than I would have thought. For those who are interested, here is how that number was reached.
The calculation resulted from determining the number of combinations of 5 objects taken from a pool of 25 where order is not significant.
First, the calculations which produced this value, and other possible computations which produce a much-larger number of choices.
The original 53,130 can be worked outas follows:
(25!) / ( (25 - 5)! * 5! )
= 25! / (20! * 5!)
= (25 * 24 * 23 * 22 * 21 * 20!) / (20! * 5!)
= (25 * 24 * 23 * 22 * 21) / (5 * 4 * 3 * 2 * 1)
= (25 * 24 * 23 * 22 * 21) / (5 * 24)
= (5 * 23 * 22 * 21)
= 53,130
The original posting suggested it might be more like 6 million choices. If, we assume that the order IS significant, AND, no re-use of a choice is permitted, then we can come up with the "six-million" choices:
25 * 24 * 23 * 22 * 21 = 6,375,600
If re-use of a previously selected image is permitted, then we have ALL 25 visuals available for EACH of the 5 choices:
25 * 25 * 25 * 25 * 25 = 9,765,625
Summary. In short, there are at best on the order of 10 million choices using the visual password technique, and it would require a tremendous amount of change to the existing ATM infrastructure. Simply using an 8-digit PIN permits 100 million choices, and does NOT require any major changes to existing ATMs. In light of these calculations and costs to implement, I doubt we'll see this new technique implemented any time soon, if at all.
ObAside: I think that the most ridiculous password cracking scene has to go to that Swordfish flick (which excelled at showing Halle Berry's tits but otherwise was just another shitty John Travolta flick) where the pinhead hero manages to crack the '128 bit' login while getting a blow job from Halle Berry but with a pistol to his temple! Hey, I bet I can do that too, except without the handgun to the temple part.
:wq
Sure, then the theives just have to grab your hand, or the back of your head and shove it up to the scanner. I guess they should also have a stress guage of some kind to, but then I'd never get to my cash after a day of trying to whip the team into shape.
:wq
I've been thinking for some time that pictorial cues would make for better error messages than the current situation. Anyone who has spent time doing customer support has had a conversation something like this: "it's broken" "did it give any error message?" "yeah, something about error or something" "please put your head in the blender"
Has anyone done any research into pictorial errors? I think the average end-user might actually remember 'blue puppy with a banana'. You don't need too many symbols before you can encode a fair number of error messages especially if you include a small number of colour variations, and the sort of thing used currently by people like MS is meaningless to everyone but the programmer anyway (long hex codes). Once you've accepted that the user is not in a position to fix the problem themselves, then the challenge becomes one of conveying the information to the support person without corruption or loss of detail.
Obviously, having software that doesn't produce errors or allow the user into 'error' situations would be better still, but that seems to be too hard.
"don't fall into the fallacy of believing that Perl can solve social problems. Maybe Perl 6 can, but that's a ways off"
Beware of too much security. Some people bypass security on purpose. Like when I'm busy I get my wife to go to the bank for me, she knows my pin#.
I ran into this when my manager wanted to change a reservation system that used user defined passwords to one linked into the unix user passwd. People complained that before they could just give the password to their secretary to change something. Now they are forced to do it.
dumbass. enable the X overlay extension in your XF86 config file.
I hate timed passwords. I know they are more secure and all, but you really have to create a balance between passwords that are secure, and password that you can remember. I only use a few universal passwords on my accounts. I know this isn't the most secure thing in the world, but I'd rather have that than forget what my password was. (I brag about having a six-digit ICQ number, because everybody's already signed up for it 4-5 times when they forget their password.)
Zodiac Survey
I wish. A couple of years ago, I worked as a sysadmin for a large government institution (which will remain unnamed) where I determined that 89% of all passwords could be compromised in three tries by using
- the username
- "password"
- "secret"
Given a fourth try, you could nail half of the remainder with "pass".And yes, I tried to get this changed, but end-user recalcitrance trumped common-sense. Until we have standardized biometric validation over secure channels, I don't think it's going to get any better.
Proud member of the Weirdo-American community.
You can talk about password possibilities a long time, but that's not the way it works in the industry. I've done some tech support on a big administrative floor, and although our system is very secure, the biggest security hole comes from the user. I've seen many times the password written on a post-it on the screen, or under the keyboard. Since we force the user to change its password every 60 days, they end up forgetting which one is current. And then I have to assign a new one. The better the password, the more likely they will write it down because they can't remember it.
Research on new password types like pictures is a good thing. alphanumeric characters are good for computers, but not for humans. I think that if we can find a new way to secure user access, it will be a giant leap in computer security.
As I learn more and more, I realize I don't know much.
the pseudo-anagram method is the best. Think up a sentence or phrase and use the letters in an order than makes sense to you.
I really like 2 eat pizza on Fridays. Irl2epoF.
The addition of nyumerics and punctuation GREATLY increases the complexity and time required to brute force a password.
errr....umm...*whooosh* *whoosh* Is this thing on ?
I'm not certain these techniques address the major problem most of us face: assuring unique identities on the systems with which we interact.
/.'ers can probably empathize with me. I have a (password-protected, of course) password app on my Handspring Visor. I have nearly 30 passwords and user ID's in this app, including my /. ID and password and NYT ID and password. This does not include the systems with which I interact on a daily basis. Add those ID's and passwords, and I probably have nearly 40 identities to remember.
Most
Granted, the normal user doesn't have our problem. However, the normal user also has little inclination to merely accept this predicament. While I think nothing of whipping out my Visor for a password, most people lack the sense of urgency we feel to insure system security. Nor do they have the patience to commit 30+ identities and passwords to memory.
Maybe we've run into the "Aunt Minnie" problem. Aunt Minnie knows who she is, she wants to be her everywhere, and she has no desire to create a unique identity on every system she sees. So we shouldn't be surprised to see Aunt Minnie use her AOL ID and password for Web sites and such.
JA
http://www.johnalex.org/
Ever stop to think that the REAL reason for this might be to get more to consider abstract krap as "art" and something that is useful in our society?
Till now, I've been using dd if=/dev/random bs=1 count=X | uuencode -m - for varying values of X (e.g. 6 for my Unix passwords, since Unix password utilities are so lame, or 32 for my encrypted FS passwords, or other crypto apps that allow "passphrases" -- I'm making these numbers up, but they're in the right ballpark).
The problem is that they take me a while to remember -- maybe 3 or 4 logins for my Unix password, up to a few weeks for my encrypted FS password. Until I get them memorised, I have them written down ("typed down"?) in a file (which is GPG-encrypted). It's quite a nuissance. God save me if I ever forget my GPG password ;)
The md5sum is absolutely brilliant, though! It's uniformly distributed and doesn't correlate well to its input, which are the aspects you want from a random password, but also it's easy to regain if you forget it, without writing it down! Unfortunately, it only uses 4 bits per character (as opposed to 6 bits per character for uuencoded random data), so you'd have to do some more conversions on it in order to get it "dense" (for systems that don't allow long passwords).
..about a year ago. I've become infatuated with PHP over the past few months, and as a personal project I created a web based authentication system that required the user to click on certain images in order to enter a restricted area. The only snag was that there was no obvious "enter your password" page. When you hit the site, it looked like your average web page with standardish looking graphics. The user had to click on certain images on the main page (in a certain order) and they would be led to the private zone. Think of it as logging into /. by clicking on the graphics already supplied on the homepage.
The only flaw we found was that mouse clicks can be monitored remotely all to easily. Not necessarily through a network connection, but just by looking over someones shoulder, even if you're some distance away. It was like typeing in a password, but the stars don't come up to mask your characters.
Eventually it all seemed nifty, but not very useful. We have since started looking into biometrics, particularly fingerprint ID systems. Their cost is coming down quickly and they integrate well into Win2K. I'm now looking into how to get these things to work well with my Linux boxen.
I'm against picketing, but I don't know how to show it.
Pick 10 of your favorite pornographic pictures and make it your "password" Pick out the ten from a set of a thousand other pornographic pictures. There are 2.7 x 10**23 permutations, which is close to 80-bit security. Sure it may take some time to pick out the right ones, but I sure wouldn't mind...
I have 4 foreign license plates hanging on the wall right behind the monitor (well, foreign to me, they're US plates). Most people think of it as a nifty wall decoration, but little do they know. They hold the keys to my online identity. All of my password consist of a plate number, a combined plate number, the number backwards, etc. And most sites allow you to enter an own forgot-my-pass question. For me this is usually (Illinois+Washington) so i exactly know my passwort. And they're not special plates with dictionary words but alphanumerical ones. Unfortunately my fav isa little too obvious - it's from the State of Washington and reads "31337".
+++ath0
What do the Steelers have to do with penguins?
Reminds me of the videogame Zillion for the Sega mastersystem.
You had to go around a room and shoot canisters, that when you walked up to them showed an icon (there were maybe 20 total?)
Then after you get the 4 icons, went to a computer and entered them (in any order) to open the door to the next room.
I always had to write them down because remembering pictures is not easy for me to do.
I would have to do the same thing if this was used in real life.. ick
--Jon
Banja.com (warning: flash site, albeit an extremely nice one) uses a pictorial password system... Of course no important data is stored there, just your game status. Anyone know of any other examples?
Logging into my account at Playboy.com, now let's see if I can remember....
"Blonde frontal, Redhead reclining, Brunette upper body... oooohh, look at the zoomies on that new asian chick in the lower right corner, will ya?"
"# Password rejected: try again".
Comment removed based on user account deletion
Today's dumb security hole:
Someone sent me e-mail today (not spam) with a bad source host name. I looked at the headers, and put the last IP address into a web browser, hoping to locate the sender. This immediately connected me to a Vina Technologies router for four T1 lines, both data and voice. No password prompt, no security whatsoever. I could read the whole system config, including passwords, and appeared to have enough privileges to reconfigure the router. Located the relevant network provider and told them. They were extremely embarassed, and fixed it within minutes.
That reflects badly on the router manufacturer. A unit like that should not come with no password, open to the world, as a default. Linksys, though, is notorious for this. Not only do their routers come with no password as a default, they will accept TFTP firmware downloads from the outside world. We need product liability for this sort of thing.
Finally, we caught up with Monkey Island's piracy protection scheme.
And hey, it only took us 10 years!
I saw this in a movie once.
Just in case someone decides to patent it...
I'm having vivid flashbacks of the copy protection of years past: They would give you a page number in the game's manual, and show you a list of symbols. You had to find the right symbol in the book to play the game.
Folks, I thought they stopped doing this sort of thing years ago. Just goes to show how everything is cyclical. I hope that no patent comes of this though. Talk about prior art...
"You're never ready, just less unprepared."
Translation - "I had to use a dictionary because I don't have a mastery of 6th grade English. You're mean! You're the dummy!!!"
The method has been previously described (using faces) by PassFace and RealUser, and they are trying to commercialize it.
Passlogix has been pushing this idea for at least a year. They refuse to listen to WHY it is a bad idea, even when confronted with overwhelming proof that it is not secure.
In Passlogix visual password schemes, ORDER DOES NOT MATTER.
This is a bad thing.
Most of their passwords have about 27 or so combinations per password "element". (Some are weaker than that.) This alone makes it weaker than a standard passphrase. If order does not matter, then the longer the password, the less it adds to the entropy. At five characters you lose about 95% of the number of combinations v.s. if order did matter. It goes downhill from there.
To make matters worse, the gui is such a pain to use that people will not make passwords larger than about five characters!
Their backup routine would also allow someone to grab all of the password data and crack it on their own computer later.
Passlogix was told about these problems. They claimed that each passowrd element represented more than one bit of entropy. Where this other magical entropy came from i am not certain. (Only their proctoligist knows for sure.)
Graphical passwords are a bad idea as presently implemented. They do not add entropy and they are enough of a hastle that they encourage people to use short passwords. A bad idea all around.
"Trademarks are the heraldry of the new feudalism."
Hmm... it's been done. Anyone remember Johnny Mnemonic? They cracked the code using a fish for god's sake! :-P
8==8 Bones 8==8
My password is ********
At least that is what I see on the screen!
This sounds like the system used in Safe House.
Were that I say, pancakes?
If the pictures are displayed in random order and are selected with a mouse (or keyboard: picture "5") then the system offers someprotection against keylogging. Sure a counter-measure can be created but every bit of added code makes it harder to hide the keylogger. Random picture order does remove one form of memory retrieval though: the pattern of keys/pics that one selects. For instance, I remember my bank PIN and most telephone numbers by the pattern they make on the keyboard and not the actual numbers. When I need to know the numbers specifically my fingers tend to do a little dance...
Forgot your password? Click here.
Earlier you wrote...
"Looks like Picasso... or Dali... hell I don't know."
It took a graduate student to come up with pictoral passwords? How the hell is somebody supposed to write down their password for future reference?
At Asiacrypt this year, Nick Hopper presented a paper (by he and Manuel Blum, both of CMU) on a related theme. The goals were to come up with an authentication process that could be performed:
..."). A challenge would consist of the scene with a random digit superimposed over every object.
By a naked person,
In a glass house,
Without any calculation aids (i.e., scratch paper).
The idea was to have a large (say, 20 by 20) grid of squares. The user remembers a few (say, 7) of those squares by their positions. This can be aided by shading the grid, so the user can remember "one of my squares is that white one in the black blob at the upper-right."
A challenge is performed in the following way: random digits, 0-9, are assigned to each square in the grid, and presented to the user. He adds up the digits inside his squares, and enters the last digit of the sum (mod 10 arithmetic). Here's the kicker: the user has to do this 7 times (with 7 different random assignments), but he MUST answer EXACTLY ONE challenge (of his own random choice) wrong!
It turns out that you can prove some pretty strong things about this scheme: even if an adversary has tons of computation power, can watch "over the user's shoulder," and make the user authenticate himself a million times (way more than any user could ever do), the adversary's odds of authenticating as the user are extremely low. The authors' experiments showed that most people (well, OK, CMU grad students) can authenticate themselves correctly within one or two tries.
To aid memory, I suggested using a complex scene (like a "Where's Waldo" picture) and having the user remember a few objects in the picture (e.g., "hammer, red-haired woman, church,
The major problem with this scheme is the time it takes to authenticate (about a minute or more). I don't know if they are going to do more experiments, but it sounds like it has potential.
OK, sounds like a good idea at first, but reminds me of the "date problem"
The "date problem" arises because humans like to assign significance to round numbers (like all the "end of the world" stuff surrounding the year 2000).. to combat this, a former Discordian decided that he would create his own calendar, using letters instead of numbers - you pick an arbitrary year, and this becomes year "A", next year is year "B", etc.. after 26 years, you get "AA", and then "AB", then "AC", etc.. the rationale behind this is that the lack of nice, even numbers means that people can't say "year 2000 is special", because there is no year 2000.
So far so good, right?
The problem with this is that humans have an (instictive?) desire to attach significance to unrelated objects.. so nobody can say that "year 2000" is important, but they will simply adapt this impulse to the new frame of reference: like "year DEATH", or "year SATAN" or year "ITSTHEENDOFTHEWORLDASWEKNOWITANDIFEELFINE" (this isn't my bit, but paraphrased from something I read a long time ago - my apologies to the original author, I don't remember where I read it.)
So back to the topic at hand...
People frequently use the name of their signficant other as a password - so we change the method, thinking it will solve the problem.. but it won't because all you're doing is moving the reference - now instead of using the name of their SO, or "1234", people will pick objects that have significance to them - such as picking pictures which feature their favourite color, or faces of people who look like thier SO.
And an even bigger problem with this (besides dealing with visually impaired people) is that people will be told "this is more secure than a password", so people will be even MORE inclined to make bad choices, which means that it's worse than sticking with the old way..
In short, it's an interesting idea, but the techies who came up with it should have run it by the psych department.
Hurray! Yet another unnecessary and useless way to make programs even more bloated!
Now, not only can we have little comic-book like "help assistants" which run around your screen, cheerfully ask you to enter a question, and then display some goofy animation that's meant to be more amusing than functional, now we also get to have a password program which clogs up RAM and slows down boot time.
Is it really too difficult to ask people to remember a few simple passwords? Heck, they can even write them down on a sheet of paper to help them remember.
As I've said before, we do not need any features to make operating systems easier to use. Windows, MacOSX, BeOS, and now even Unix' (beyond the initial installation) are intuitive and can easily be figured out. Perhaps the slight difficult associated with OS' should serve as a barrier to keep those too lazy or dumb to learn a few basics away from complicated machinery -- after all, anyone who can't sit down at Windows, MacOS, BeOS, or even a Linux desktop and figure out how to use it is clearly a few brain cell short of an amoeba. Wouldn't want to make those people think too much!
Look, just because new computers make it possible to add new and more graphical features doesn't mean you should add them! Is it really necessary for "ease of use" to have a little "Help assistant" as MS has in MS Word? No, it is not. The Help menu is unmistakenably visible. Now that doesn't mean you shouldn't add graphics where they increase functionality, as MacOSX has done. The glassy and gradiated menus which appear to pop out of the screen add to functionality because they clearly separate different components of the GUI.
For example, look at an Aqua theme under themes.org (note: If you want to understand the rest of my comment, you probably should look at this link):
Aqua Theme
I'll tell you the good and the bad about this theme, where the aqua glassy gradiation helps and where it is irrelevant. In the XMMS Window, the Aqua gradiation clearly distinguishes the backwards/play/pause/stop/forward section of the player. This is useful as these are major functions of any sound player. However, the penguin to the right of the image is just a useless graphic. As for the stratiated horizontal white/gray bands going accross this and every other window, which is typical of MacOSX, this is useless in terms of functionality, and should be removed. For functionality, the background should simply be a pure white, light gray, or light blue, or perhaps a dark blue or black for contrast. If you want to have any background graphics on this window, you should have a gradiating darkness around the edges, to make it appear to be bulging out, and clearly demarkate the termination of the window. As for the red, yellow, and green buttons in the upper right hand corner, the color distinction is useful for recognition, but does not help one figure out what the functions are initially; there should be slight pictures within the jelly-bean buttons to demakate what their functions are. As for the text in this window, while it looks nice, it is hardly functionaly. For example, the "Equalizer" is hard to read because it is block-typed. I'll end my criticism and commentary of this particular aqua sheme at that.
I've remarked on one example, but this is what developers should be asking of every feature and every inch of their program before they release it. If they have a graphical feature, does it really contribute to usability? Are start-up screens really necessary, or just a waste of CPU cycles? What about the logos you typically see in the corners of programs -- useful, or just a waste of space and of RAM, which slightly increase load time, without offering any benefits? In limewire, is that little Lime logo really necessary? Even in Linux, are the brand logos in programs necessary? Come on, we all know what program we have and who made it -- no need to advertise. Yes, it does look cool the first time we open the program, and it looks neat when your advertising, but as you use the program more and more, it becomes and annoyance. At hte least, the ability to remove such useless graphics should be added.
What I am proposing is an analysis of graphical features beyond, "that looks cool", or "that's pretty", or "that's neat". Cool, pretty, and neat are all fine and dandy -- but they shouldn't be the reason for adding a graphic to your program. Approach graphical interfaces the same way you approach language, or try to. Firstly, it should be functional; secondly, it should be clear; thirdly, it should be precise and minimal in nature to serve that function (i.e., for a button, making it larger increases its utility to its function, up to a certain point, beyond which it becomes annoying and distracting); fourthly, it should be pretty and elegant.
social sciences can never use experience to verify their statemen
How about instead of images having all of the keyboard characters displayed on the screen. Then the user could keep his usual password.
The interesting thing about Passfaces ( other than the idea that a small number of face choices is as secure as anything but a PIN-length password), is that most people can recognize faces well but can't describe them verbally well enough to reveal their passfaces to anybody else, even under coercion or court order. Rough descriptions ("it's a guy with a beard" "it's a woman with short hair") are easy, but they shuffle the faces around enough that unless the Bad Guys are showing you the actual pictures, you can't give a usefully repeatable description.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
of a Nintendo game?
I Browse at +4 Flamebait
Open Source Sysadmin
But I have more trouble remembering images then I do numbers. :(
:)
I have some nifty keen passwords though.
looooong as fucking hell and random as shit with lots of misc stuff thrown in there. Various PWs for different sites too of course, security level varies. ^_^
Need help treating your acne? Come here!
How about the crappy movie Johnny Mneumonic?
Was that you dragging around the mattress stuffed with money doing your Xmas shopping ?
As the saying goes, 'everyone does it differently'... rarely does one person's idea of l33t match anothers.
--sdem