Slashdot Mirror


Using Password "Keyprints" as Another Form of Authentication?

Adam Kiger asks: "I have written two programs with patents on both. The first program captures the keypress and keyup events per letter of a typed password in milliseconds and returns a numeric value per letter. I am also capturing the keypress of the first letter and the keyup of the next and returning a numeric value in milliseconds. My second program takes these values and runs an analysis of the values after 20 entries of your password to determine what I call a 'keyprint'. 91% of the time you enter the password my values captured matched each letter entry and the time between letters entered. I also can show the results of these tests in 2D graphical representaion. I used my wife as a test subject, gave her my password and she couldn't login to either Windows or my website! I have wrapped these programs around Windows Login and a Website's login control, and it works fine so far. The only problem I have found and not researched are the user using different keyboards. So I've come to ask Slashdot: Is this a viable security function?"

2 of 100 comments (clear)

  1. Yes it is by NiceGeek · · Score: 3, Funny

    Give me your password and I'll prove it. :)

  2. Re:No patents by Steve+Cox · · Score: 3, Funny

    Actually I think it was a misspelling. He wrote two programs with patterns on them.

    The first one has a nice plaid pattern, wheras the second one (and this is the clever bit) has a striking blue and green pattern on it.

    Steve.