Authenticating With Your Mouse?

← Back to Stories (view on slashdot.org)

Authenticating With Your Mouse?

Posted by Cliff on Saturday February 1, 2003 @03:15PM from the obscure-but-cool dept.

degauss asks: "I am looking into various authentication schemes form my home machine, and one that I thought would be interesting would to be having a dummy login screen up with a user/pass prompt, but instead of entering a user/pass, you click at certain points on the screen in certain rytmhmic patterns (all of this is of course unknown to any unauthorized users, who will pound at the password for years). I was wondering if there it any such software or interface currently being developed, as it provides an interesting [semi-]biometric security solution without dumping a ton of cash on new hardware."

3 of 58 comments (clear)

Min score:

Reason:

Sort:

Along the same lines... by thecampbeln · 2003-02-01 15:28 · Score: 5, Interesting

How about using both of these ideas together? Have it to where even the correct username/password is not accepted unless the user clicks on the right section of the screen, or right sequence of sections of the screen in place of simply clicking "Ok"!? So in essence the "Ok" button would be a dummy and the correct "button" would be another portion of the screen entirely?

--
"1984" was ment to be a warning, not a guidebook. You hear that Kim Jong-il!? BushCo?!
Non-typing passwords... by Crash+Gordon · 2003-02-01 18:21 · Score: 4, Interesting

Many years ago, I needed to secure my work PC (a spanking-new IBM XT-286) from the night shift; since I was doing CAD I had an EGA and a fast machine so my office became the midnight game room.

I wrote a routine which put a login prompt on the screen, and then waited for a particular cadence on the DTR line of COM2. I patched this code into some blank space on the EGA's BIOS extension ROM, and executed it before the keyboard was even enabled during POST :-) COM2 had a plotter attached & I would turn the plotter on and off appropriately to boot the system. I never booted when there was somebody else in the room.

Then came a change in company ownership, with its attendant politics... I was canned on a Friday afternoon with no notice whatsoever. Nobody asked about my password. Of course the vultures descended on my office, and among the first things to go was the plotter. No plotter, no password.

Apparently after several frustrating weeks in Software Engineering the PC was returned to IBM for an expensive "repair" -- if someone had asked I'd have told them to swap the original EGA ROM from my desk drawer back into the EGA. Nobody asked.
1. Re:Non-typing passwords... by karnal · 2003-02-01 19:41 · Score: 3, Interesting
  
  Sort of offtopic:
  
  I was perusing various car sites a while ago, looking for fix-it information on my car. I found an interesting thing that someone had done for a kill switch: they integrated a push of the passenger's window "up" button (on the driver's side only) to allow the passlock 2 (GM) signal to the ECM.
  
  Kind of a neat hack, seeing as if you didn't tell anyone, and no one paid close attention as you started the car, they probably wouldn't pick up on the trick. However, one of the dumber things you can do in that situation is post it on the internet for all to see..... Guess that's why you didn't announce your "lock out" until well after you were finished with that type of security.
  
  Kudos as well to you, though -- that was a neat trick. Almost makes me wish I was more into hardware (like I was as a teenager)....
  
  --
  Karnal