Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Skins: Single Sign-On with Images

Posted by CmdrTaco on from the i'll-believe-it-when-they-deploy-it dept.

Appol writes "Berkeley researchers propose a Mozilla extension to stop phishing. They claim that users only need to remember one password and one image for their lifetime to securely log in to any number of sites. They also use uniquely generated visual hashes to "skin" trusted windows and webpages, which is harder to spoof than the SSL lock icon. To verify that the skin is legit, the user has to compare two images, which is easier for novices than verifying a certificate."

3 of 169 comments (clear)

  1. No to discriminate by a3217055 · · Score: 4, Insightful

    There are people who are blind what do they do ? Stare at the screen hoping there eye sight comes back?

    Not a good over all solution, you need a seperate medium/channel to display such pictures.

  2. Re:Colourblind? by yotto · · Score: 4, Insightful

    *what if they're colour blind?*

    They'll pick a black and white image?

    --
    Pulp Audio Weekly - Geek News and Reviews
  3. infected computer by tacroy · · Score: 4, Insightful

    I skimmed the article, and I noticed the adware section, but it didnt really answer my question: If the secure aspect is the local picture and the local picture needs to be pulled from the local machine by the page then what is to stop an adware program from grabbing that api and using the secure picture on a insecure site?