Slashdot Mirror

← Back to Stories (view on slashdot.org)

Typing Patterns for Authentication

Posted by CowboyNeal on from the no-one-touches-like-you dept.

Kelson writes "NPR's Marketplace is reporting on a new authentication scheme. BioPassword tracks the way you type your password: how long each key is depressed, the time between keystrokes, and overall speed. When someone tries to log into your account, it compares the pattern to what it has on file. It only allows you in if both the password and patterns match. The technique has been around a while. World War II Morse code operators used it to determine whether a message was sent by an ally or an impostor."

7 of 259 comments (clear)

  1. Interesting you mentioned WW2... by jafo · · Score: 5, Informative

    No, I'm no going to say you invoked Godwin's Law right at the top of the article...

    I immediately thought of WW2 when I read the title. A Morse Code operator's style was called their "fist". German operators became quite adept at mimicing the fist of other operators, and using the fist to identify captured operators didn't work well. This is why they had other signals for identifying that an operator was not captured. Things that would look like a typographical or crypto error to a third party, but which was known to both the sender and receiver, and the absence of them would indicate capture. Of course, under stress, sometimes these were forgotten.

    The book Silk and Cyanide has a great discussion of the fist and other identification techniques and how they failed and succeeded (mostly the former). Highly recommended.

    Sean

  2. Re:Fist by OECD · · Score: 5, Insightful

    Oy. So now it makes a difference if I'm using my own computer or not? Or if I'm eating a bagel while logging in? Or if I have a hangover? Because my typing pattern is going to be different in each case.

    --
    One man's -1 Flamebait is another man's +5 Funny.
  3. Re:Reminds me of a story... by ScrewMaster · · Score: 5, Funny

    Short arms?

    Long penis.

    --
    The higher the technology, the sharper that two-edged sword.
  4. Seems like it would not work as I learn my passwd by rminsk · · Score: 5, Insightful

    When I first create a new password I typically stumble just a bit when typing it. After a few days/weeks I start building up motion memory for my password. How would the system handle when people impove typing their password?

  5. Re:Fist by justinbach · · Score: 5, Funny

    So now it makes a difference if I'm using my own computer or not? Or if I'm eating a bagel while logging in? Or if I have a hangover?


    Man, I don't know about those circumstances, but I would welcome an online financial transaction system that's good enough to recognize whether or not I'm drunkenly typing in my credit card number after a night on the town. The combination of woot.com and a few too many beers has on more than one occasion proved fatal to both my self-respect and my checking account...as if two Roombas isn't enough as it is!
    --
    I left my wallet in El Sigundo!
  6. +1 Clippy of awareness by Scrameustache · · Score: 5, Funny

    Oy. So now it makes a difference if I'm using my own computer or not? Or if I'm eating a bagel while logging in? Or if I have a hangover? Because my typing pattern is going to be different in each case. You appear to have a hangover,
    while you were drunk, I intercepted the email you wrote to
    • the girl from the office
    would you like to read it again before it is sent?

    [No] [Ignore] [Cancel]
    --

    You can't take the sky from me...

  7. Re:Fist by isaac · · Score: 5, Funny

    A Morse-operator's style was referred to as his "fist". This is referenced in Cryptonomicon.
    I think this is a pretty nifty idea, and I'm surprised it hasn't been done before.

    It won't be long before online fraudsters learn to copy users "fists."

    Yes, I predict the internet will be awash in "fisting" websites within the fortnight.

    -Isaac

    --
    I am not a lawyer, and this is not legal advice. For Entertainment Purposes Only.