Graffiti as Password - Secure and Memorable
Al writes "A group from Newcastle University has released work that significantly improves the Draw-A-Secret method of creating passwords. The basic concept behind Draw-A-Secret is that humans excel at image recognition and memory, so 'passwords' should be designed to leverage that ability. The people behind the new work have refined the technique by parsing the shapes with a flexible grid and using existing images as a background to reinforce memory of the password. Imagine having your password be a graffiti-laden alteration of your favorite politician's campaign photo..."
Odds are the password of a 14-year-old boy would be a spacegun, so that pretty much gives you control of half the accounts on there :P
Monstar L
Firstly, passwords are used a lot on the web. Having a password system where you have to draw limits the use of websites when using a mobile device.
Secondly, if people can't see they can't easily use a system where you draw.
Other problems are what language or plugin do you use? Flash, Java?
You also have to store this information in a database in some form. These methods prevent brute force attacks but won't stop people using SQL injection and other exploits.
What happens when the person next to you looks and sees what you're drawing? The advantage of text-based passwords is that you can have them as stars or whatever onscreen. And if the users are unwilling / too stupid to make secure passwords (with numbers/letters/symbols), a drawing isn't going to be fundamentally more secure anyways, it's just a gimmick.
I don't know about anyone else, but even my signature tends to shift a bit every time I jot it down to take a delivery or acknowledge a credit card payment. Even something as simple as a circle is going to throw no-match errors, unless the system's got a lot of built-in leeway for curves and squiggles that aren't in precisely the right spot.
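Added example, not part of the original thread or the Newcastle work: a minimal Python sketch of how a grid-based drawn password can tolerate small variations in the drawing and still be stored as a salted hash rather than as the drawing itself. The fixed 5x5 grid, the pen-up marker, the PBKDF2 parameters and the sample drawings are all assumptions; the "flexible grid" and background image mentioned in the summary are not modelled.

```python
import hashlib
import hmac
import os

GRID = 5            # assumed 5x5 grid over a unit square; the page gives no grid size
PEN_UP = (-1, -1)   # assumed marker that separates strokes in the encoding

def encode(strokes, grid=GRID):
    """Map strokes (lists of (x, y) points in [0, 1)) to the grid cells they visit."""
    seq = []
    for stroke in strokes:
        last = None
        for x, y in stroke:
            cell = (min(int(x * grid), grid - 1), min(int(y * grid), grid - 1))
            if cell != last:      # record a cell only when the pen enters it
                seq.append(cell)
                last = cell
        seq.append(PEN_UP)
    return seq

def enroll(strokes, salt=None):
    """Return (salt, hash) of the cell sequence; the drawing itself is never stored."""
    salt = salt or os.urandom(16)
    data = repr(encode(strokes)).encode()
    return salt, hashlib.pbkdf2_hmac("sha256", data, salt, 200_000)

def verify(strokes, salt, stored):
    """Re-encode the attempt and compare hashes in constant time."""
    _, candidate = enroll(strokes, salt)
    return hmac.compare_digest(candidate, stored)

# Constructed sample drawings (points are assumed to be sampled along each stroke).
SECRET = [[(0.10, 0.10), (0.30, 0.10), (0.50, 0.10)], [(0.50, 0.50), (0.50, 0.70)]]
# Same shape drawn slightly off: every point stays inside its original cell.
JITTER = [[(0.12, 0.08), (0.33, 0.13), (0.55, 0.11)], [(0.48, 0.52), (0.51, 0.75)]]
# Last point drifts across a cell boundary, so the encoding changes.
DRIFT = [[(0.10, 0.10), (0.30, 0.10), (0.50, 0.10)], [(0.50, 0.50), (0.50, 0.81)]]

if __name__ == "__main__":
    salt, stored = enroll(SECRET)
    print("jittered redraw accepted:", verify(JITTER, salt, stored))
    print("drifted redraw accepted: ", verify(DRIFT, salt, stored))
```

Because only the hash of the cell sequence is kept, all tolerance comes from the grid quantisation: a redraw that stays within the same cells matches, and one that crosses a boundary does not.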