New Authentication Scheme Proposed

← Back to Stories (view on slashdot.org)

New Authentication Scheme Proposed

Posted by Soulskill on Friday February 8, 2008 @01:21AM from the more-secure-less-portable dept.

jerel brings us a story about a prototype authentication system which approaches security from an atypical angle. It focuses on hiding identity challenges from attackers in addition to the responses. The system, Undercover [PDF], "uses a combination of visual and tactile signals in the authentication process." "The system displays a set of images to the user and asks if any belongs to the image portfolio that the user had previously selected. At the same time, the trackball sends the user a signal that maps each button on the case to a certain answer. The user's hand must cover the trackball for it to operate, so a sneaky observer wouldn't be able to see his or her selections, or answers. So a would-be attacker can't 'see' the tactile challenge presented by the trackball and therefore doesn't get the user's authentication data, even though he or she could see the image challenge on the display."

6 of 102 comments (clear)

Min score:

Reason:

Sort:

For increased portability... by sakdoctor · 2008-02-08 01:35 · Score: 5, Funny

...I suggest a booth with a dance dance revolution mat inside.
When the user is asked to enter their password they enter the booth, shut the door and strut their funky password.
1. Re:For increased portability... by Tolkien · 2008-02-08 02:16 · Score: 2, Funny
  
  Employer: Is your password really that long? Come on! Hurry up and finish already.
  Me(from within the booth after 5 minutes of dancing): Ssssh, I'm trying to concentrate - this is the best part!
  
  --
  how is babby formed?
Re:Keypad by anothy · 2008-02-08 01:57 · Score: 5, Funny

my job takes me in and out of jails frequently
yeah, that and the early burnout are the two big problems with a career in the narcotics trade.

on the upside, you get to set your own hours.

--

i speak for myself and those who like what i say.
Re:The classic Encryption communication turned aro by thomasdz · 2008-02-08 01:57 · Score: 3, Funny

Aww crap... sorry... I thought TFA was about Encryption, not Authentication... so instead of a potential +5 Funny, I get a -1 Irrelevant.
That's what I get for posting at 5:30am before I've had my caffeine.

--
Karma: Excellent. 15 moderator points expire sometime.
Yeah, but the real question is... by Prototerm · 2008-02-08 02:21 · Score: 4, Funny

Would I be able to still fit my password on that yellow sticky note I keep on the monitor?

--
"My country, right or wrong; if right, to be kept right; and if wrong, to be set right." --Senator Carl Schurz (1872)
Re:Keypad by mpickut · 2008-02-08 03:30 · Score: 4, Funny

Don't you dare call me a lawyer! We heroin addicts have enough of a image problem without being linked to those soulless drains upon society. At least if you made heroin legal we would stop stealing and stay to ourselves.

--
Sigs are for losers.