Slashdot Mirror
Recognizing Your Own Handwriting As A Password
Gary writes "A new online authentication system called Dynahand could make logging in to websites a little easier. With Dynahand, users simply identify their own handwriting, instead of entering a cryptic password or buying a biometric device to scan their fingerprints. The user's handwriting samples contain only digits, since numerals are harder for an outside party to recognize than letters are. The digits displayed are random, so the handwriting is the only clue to the correct answer."
...who virtually cannot write by hand anymore? I can't even write a proper signature, haven't been using hand writing since I was playing RPGs 10+ years ago.
I'd say it would be pretty hard to determine how my digits would look like.
Probable impossibilities are to be preferred to improbable possibilities.
Aristotele
As novel as this whole handwriting angle is, doesn't this just amount to a multiple-choice test? There's always the off-chance of some random stranger getting in by sheer luck.
Additionally, that's not taking into account the massive amounts of ways someone could get samples of your handwriting. Besides the obvious garbage-picking, things like tax returns, property deeds, or other legal forms can often be public information, and there's a good chance you've written numbers on one at some point.
Slashdot Burying Stories About Slashdot Media Owned
I am not a cracker. I am not a phisher. I do not try to get into random people's accounts.
I can't help thinking that IF I ever did try to get into someone else's account, it would be to spy on or get revenge on someone I know. (Really, that isn't something I do. This is a big IF). In those cases, this would surely be so much easier. For example, I am sure I would recognise my family's handwriting.
I certainly remember, when I was a secondary school maths teacher, having to work out who had produces a certain piece of work by recognising the handwriting. Obviously, being maths work, this usually involved recognising digits.
Back in the late 80's, a UK bank did some R&D on this area and came up with a novel idea. It was signature recognition BUT rather than analysing the actual signature, it 'listened' to the pen on the paper as it moved. They found that anyone (well.. some people anyway) could do a fair replication of someone else's signature if they went slowly but it was almost impossible to recreate someone's signature at the same speed and with the same pressure/flourishes.
In case anyone reads this and copyrights the damn thing, there is prior art and it worked. They just didn't think the market was ready for it.
I want a list of atrocities done in your name - Recoil
Because it wouldn't help them.
Almost 15 years ago, I was working on a demo system for a more secure way of issuing benefit payments (at the time, the payee had a paper booklet, and there was quite a lot of trouble with stolen booklets). We investigated what we could practically put on a smart card (similar type of smart card as what is in modern credit cards). One of the things we investigated was signature recognition.
We had a system that did it extremely well, well enough that we never managed to forge another person just signing with an "X". The system not only looked at the shape of the writing, but the way the person wrote - the speed, accelerations, stroke weight etc. The genuine user could be recognised even if they signed fairly scruffily (the system didn't return 'true' or 'false', but rather a confidence). However, another person even if they signed their X to LOOK as much as the original person's X looked would get a very low confidence score.
This was almost 15 years ago - the technology was pretty damned good (but quite expensive) at the time. We managed to get the signature, the person's details and a photograph onto the smart cards of the day (I think they had 8K of storage). The signature took up 1K.
Oolite: Elite-like game. For Mac, Linux and Windows