Map Based Passwords
smitty777 writes "Discovery is running an article on passwords based on a very specific location on a map. Instead of showing UID and Password fields, the user would simply click on a very specific spot on Google Earth, for example. I wonder how you would make that secure? Also, if you forgot, would you get a message saying 'Your password is the third flamingo on the left on the lawn of Aunt Bessie's house'?"
Fastest password crack ever: Click "1600 Pennsylvania Avenue"
When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
... and when the internet link is down or God forbid, Google Earth is down, users login how?
Maybe if you were trying to hide the login box, but you can write click scripts that will hit that map at every pixel. Stupid.
I forgot my gmail password
and here was my hint.
(how I forgot "goatse" as a password is beyond me.)
Trolling is a art,
...this one is easy enough to crack just by shoulder-looking. And of course there's the issue of needing to load a ton of map data just for a simple password entry, and if the map provider is out you're screwed. Plus the hassle of zooming down from a world-map to some specific point every time you want to get into a site. Need I go on?
So when you get compromised not only is your 'password' gone but also your house address? Don't be naive to think that people's passwords won't be their house/workplace.
Here in the US that would be very effective.
REQUEST: Locate Belgium on a map
RESPONSE: uh.....uh......connection timed out!
A sinkhole ate my password!
I don't have much trouble spotting familiar places on Google Maps, but what about those that can't read maps very well? aka women
/me ducks
Global warming and other natural disasters are a direct effect of the shrinking number of pirates - Gospel of the FSM
To recover a lost "password", does it provide turn-by-turn directions? This is an interesting and potentially useful concept, especially to use in conjunction with a username and password. Also, I can see how you can prevent certain people from logging in to the network if they're in an "insecure" location such as an airport.
I wonder how you would make that secure?
You should know. Why are you asking us?
That's amazing! I've got the same flamingo on my luggage.
Could you use the scalability of fractal images as a map in this manner?
By my understanding, this would give you random numbers depending on your "depth" and x/y coordinates.
So what happens when they update the imagery or the map (streets do change, you know)? Also, this is clearly not usable for many people with disabilities (requires good eyesight, good coordination, a steady hand, good memory, etc.).
Is about to become a lot more popular.
Hope is the currency of fools
Rather than using a map, just have the user upload a picture.
You're killing two birds with one stone. First, the user is being shown something to confirm that this is indeed the site they think it is (think: sitekey or the like). Second, they can pick some incredibly detailed point without all the hassle of licensing someone else's data.
All that, and this is still a pretty stupid idea. You have all the same problems as with passwords: users don't want a long one, users want to pick the same one for multiple sites, users tell the wrong people what their passwords are (though, now with more difficult language). All that, plus it's now multiple clicks, pans and zooms to enter your "password", and if the satellite data updates you're screwed.
paul reinheimer
I imagine the back-end simply being the coordinates with a margin of error.
Still a password: "You could have a 10-digit latitude, and a 10-digit longitude, then you'd have a 20-digit password." - TFA
from 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
to 45 2F 6E 40 3C DF 10 71 4E 41 DF AA 25 7D 31 3F
In Geographic Password you pick Soviet Russia.
[Insert pithy quote here]
If you could choose your own map areas, this could work well.
I could easily choose map spots that could be described in a way that only I or a very select group of people would know. Things like if I showed you a map of the neighborhood where I grew up, and said "the tits", how would you know where it is? Would you guess in the park? Where in the park?
Trust me, no google earth view is going to show you the landmark in question, and it would only be visible as such from one spot.... but I know exactly where it is, I used to climb all over those rocks as a kid.
-Steve
"I opened my eyes, and everything went dark again"
What if we had GPS, a cell tower, and a local device embedded in the ground?
//Then you can simplify the job to keeping people out of the room.
If the computer is moved from these 3, then no password will work.
Nope, won't work. You have two options: either store the maps locally, or download them from an online source like Google Earth.
If you get them online, then anyone watching your network traffic can see which map tiles you're requesting, and use that to figure out the approximate location you're clicking on. This limits the possible passkeys to some point on the last map you loaded -- which given image/mouse resolution, means there are only about 100,000 possible passkeys. Not enough.
If you store them locally, then you need to store high-res map data for the whole planet. You're going to need to store at least a gigabyte worth of images in order to be able to distinguish streets from one another: probably closer to a terabyte if the user is to be able to recognize and click on their uncle Joe's summer home.
The basic problem is, in order to allow the user to pick one of N choices on the map, you need to store and present several times N bytes worth of data -- color pixel information for each possible click-location. That means that to match the password security of an 8-character a-z password, you need to store several gigabytes of raw image data -- less if you JPG it.
Just as people set their own names, birthdates and 'password', they will assuredly put their own home as their password.
This makes more sense as an optional authentication factor for password recovery than as the sole means of authentication.
After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
It's not half as dumb as the summary makes it sound.
For security, what matters is the keyspace and the likelihood of guessing correctly. The keyspace easily competes with alphanumeric passwords. It is dramatically reduced by the assumption that people will pick places with meaning to them, which means places they've been to. Nevertheless, it should measure up to passwords in security.
Different from passwords, though, the human mind is pretty well equipped to recall specific places. Arbitrary alphanumeric combinations, on the other hand, are amongst the most difficult things to remember and recall.
Assorted stuff I do sometimes: Lemuria.org
They pull over and ask a gas station attendant what their password is.
Support Right To Repair Legislation.
Ultimately it may be easier to remember what your password is by remembering such a map reference, and as someone else stated, the password hint could be the map point of interest, but the actual value is just numeric, therefore not very secure.
The system is extremely secure ... for those with no social life. No one knows where they live ...
geocaches !
My 3rd grade teacher said geography would be useful one day.
Doesn't matter what you 'click on'. Still, some certain identifiable data is going to be sent from your remote PC to the server that is going to do the authentication. Or, even if it's on your local PC, to whatever is going to authenticate you on the local PC.
It's no different than anything else. If anything, it makes dictionary-type attacks much easier. The number of possible coordinates that can happen on a world map is much, much lower than the possible combinations of alphanumeric passwords with special characters.
BR.
Read radical news here
This is excellent news! I will finally be able to set my password up as "CowboyNeal's Mother's Basement!" ;-)
I selected a shark in a backyard pool, but for some reason the camera pointing at it has been burned out, and now I cannot log in!
Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
I have a Garmin Nuvi GPS that does something similar for theft deterrence. If you enable locking on the unit, you must either input a 4 digit PIN code, or the unit must be in a pre-programmed 'Home' location when it is powered on for it to function.
The issue with this is that most people will either choose locations that are well-known landmarks, or which they are associated with. This vastly reduces the potential search space for a password based upon a physical location. But even if you choose a location at random... Let's pull a number out of the air: let's suppose there are 100 million buildings in the United States that represent potential candidate "geokeys". That's what, a 27-bit key? How long would it take to exhaustively brute-force a 27-bit keyspace?
The other issue is that you now have a dependency upon the map-display. If it ever changes (new satellite imagery, the Taco Bell you use as your key moves across the street to a new building), or the map-server is down, you can't get in without some sort of time-consuming (and itself potentially hackable) recovery method.
Nice idea on paper, and far better than choosing a random word that appears in /usr/share/dict/words (480 thousand entries on my installation) ... but still weak compared to even a 6-byte password composed entirely of ASCII 33-96 chosen at random (64 possible values per character, 64 = 2^6, 6*6 = 36, keyspace = 2^36 = 69 billion possibilities).
Everybody gets what the majority deserves.
Real men don't use maps.
'Nuf said.
What one fool can do, another can. (Ancient Simian Proverb)
I mean, "Fucking, Austria"
My password is 12345
Note to self: Now I have to change my password.
I remember using things like this about 10 years ago on my Pocket PC, where instead of entering a PIN to unlock it, you would have to press specific points on a picture of your choice (in the correct order, of course). So the concept isn't that new; I was actually quite fond of the idea back then.
Looking at Google Maps the area covered by the windshield of my car is about five places after the decimal point of precision in both lat and long. That is about one square meter and as precise as you could realistically expect users to be. That would mean each location would give you 2+5 digits for the lat and the long, a total of 14 digits for a password. That's 10^14 possibilities. For comparison a password made up of random characters (lower, upper, digits, special) for a total of 95 total possible choices would need to be seven characters long to have about the same entropy (67 trillion vs 100 trillion).
Seven-character random passwords are OK, but certainly not uncrackable. You could argue that letting the user choose several spots would greatly increase the entropy, but realistically the user is going to pick spots close together. Not to mention you could probably cut down on the possible locations with something similar to a dictionary attack, i.e., eliminating the vast expanses of nothingness that are unlikely to be chosen (like oceans and deserts). Lastly, it relies too heavily on the mapping service. What happens when they update their images and your landmark disappears or moves slightly?
How do you keep that secure in a public environment? If I type my password in a computer lab or at work, all anyone sees is a line of asterisks. If I have to hunt down a location on Google Earth, anyone and his dog can see where I clicked.
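The keyspace arithmetic in the posts above (the 10^14 grid-cell estimate against 95^7 random characters, the 100-million-buildings "27-bit key", the /usr/share/dict/words comparison) and the earlier suggestion of a back-end that stores "the coordinates with a margin of error", worked through as an added example that is not from the article or any poster. The grid quantisation, the PBKDF2 parameters and the sample coordinates are my own assumptions.

```python
import hashlib
import hmac
import math
import os

# Added example: entropy arithmetic for map-click "passwords" and a back-end
# that stores a click only as a salted hash of its quantised grid cell.


def keyspace_bits(choices: int) -> float:
    """Bits of entropy when one secret is chosen uniformly from `choices`."""
    return math.log2(choices)


def geo_choices(decimals: int) -> int:
    """Distinct (lat, lon) cells when both are quantised to `decimals` places.
    Assumes the whole globe is eligible; restricting to land, or to places a
    person would plausibly pick, shrinks this sharply (the thread's point)."""
    per_deg = 10 ** decimals
    return (180 * per_deg) * (360 * per_deg)


def brute_force_seconds(choices: int, guesses_per_second: float) -> float:
    """Worst-case time to exhaust a uniformly distributed keyspace."""
    return choices / guesses_per_second


def cell_index(lat: float, lon: float, decimals: int) -> tuple:
    """Quantise a click to a grid cell. Uses floor rather than round so the
    cell is stable and does not depend on float rounding ties."""
    scale = 10 ** decimals
    return (math.floor((lat + 90.0) * scale), math.floor((lon + 180.0) * scale))


def _cell_hash(cell: tuple, salt: bytes) -> bytes:
    # Slow hash so an attacker cannot cheaply sweep the (small) cell space
    # if the database leaks; it does not fix a low-entropy secret.
    msg = f"{cell[0]}:{cell[1]}".encode()
    return hashlib.pbkdf2_hmac("sha256", msg, salt, 200_000)


def enroll(lat: float, lon: float, decimals: int) -> tuple:
    """Store a per-user salt and the hash of the cell, never the coordinates."""
    salt = os.urandom(16)
    return salt, _cell_hash(cell_index(lat, lon, decimals), salt)


def verify(lat: float, lon: float, decimals: int, salt: bytes, digest: bytes) -> bool:
    """True only if the click lands in the enrolled cell. A click that is
    physically centimetres away but across a cell boundary fails: that is
    the usability cost of a fixed 'margin of error'."""
    probe = _cell_hash(cell_index(lat, lon, decimals), salt)
    return hmac.compare_digest(probe, digest)
```

Note that `brute_force_seconds` applies to the enrolled-cell grid only; once the search is narrowed to landmarks or the user's own neighbourhood, the effective keyspace is far smaller than `geo_choices` reports.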
"I disagree with you" does not equal "flamebait."
My favorite blog already tore Mr. Smithwick a new one on his assumption of 10 digits of precision: http://uxblog.idvsolutions.com/2010/09/map-passwords-and-problem-of-scale.html That is just too close to the ground to be practical - maybe 6 digits of precision, at best.
...or even older: http://www.brighthand.com/article/pictureperfect/ A friend of mine had a Palm and a picture of a pyramid where he pointed at the corners and the center to log into his device. But also, where is the difference from the lock screen on the iPhone, or any other touch device? It is just convenient that the position in the picture can be memorized through a sequence of numbers. The principle is exactly the same...
What's needed is a way to change passwords daily, *on the server side*, and with a mask that users can duplicate easily. For example:
For a given 25-digit password, go to a site that computes the value of pi to a few million digits and download a few thousand pages. On the 14th of the month your password is the 25 digits of pi starting with the 196th digit (14 squared) and including the next 24 digits. Etc.
It's a big number. You wouldn't type it - you'd copy and paste it: so key loggers wouldn't work. And it would change every day. I've been waiting forever for some kind of host controlled, but server-side password utility like that.
What's that? Today is Wednesday the 6th of October, 2010? (4_6_10_10_) in MST? Well then, my password must be 101064 times the number of yesterday's day of the week (3) = 303192...
When I read the title I thought it would use your location in part to validate you. I.e., your IP indicates you are attempting to log in from Europe and yet 1 hour ago you were logged in at your home in California. I have seen a website already do something similar... when I was using a proxy server and hit my account it knew my access was not from my regular IP address and prompted me for some more security questions for validation - the secret question I wrote for the extra level of security (and it sent me an email that my account was accessed from a non-typical IP address and supplied the IP address and time).
Nice to see. But clicking on a map seems a little too easy to hack or shoulder-read.
My Sig indicates the end of the comment I posted.
10 digit lat and long? Well, if I did my math right that's about 0.8 inch north/south resolution. The east/west resolution depends on how far from the equator your location is; about 0.8" if you're at the equator, less otherwise.
I doubt you have a world map with 1" resolution. I doubt you can click on the single pixel you intend on any map.
It seems to me you can come at this from the other direction; the surface area of the Earth is on the order of 10^14 meters. Eliminate areas where a specific location isn't distinguishable (like oceans), and you have an idea of the number of possible passwords, which can then be equated to a number of bits of information in an individual password. It's not "20 digits".
You also might choose to trade some of the bits away to make your system usable, since hitting exactly the right square meter on a satellite map can be challenging.
Wow, leaving aside the stupidity and inconvenience of using maps as passwords (sure, there's enough entropy, but shoulder-looking kills it, and it would take much longer to enter a password than with a text-based one), the entire article seems to centre around the concept that this will solve the "multiple passwords" problem.
"Online passwords are tedious, and it seems like too many websites require one" ... "I hate creating a new password for every website where I keep even a scrap of personal information". Seems like the two issues are entirely orthogonal. How is this going to help you with that problem? Either you're going to have to remember dozens of map locations for dozens of websites (same as passwords now), or you're going to have just one location for all sites, and be vulnerable to the same problem as having one password.
My solution is to use SuperGenPass, so I have one master password, but it generates a different password for each site, without storing passwords anywhere. There's also LastPass, which I haven't used, but it looks like a nice strong client-side-encrypted cloud-stored password database.
Just don't use a geographical map; also display many, many cursors. Demo video here: http://www.youtube.com/watch?v=vqReLJoRqog
How would one mask the picture such that a user can click on the map without anyone else obviously seeing? The good thing about passwords is that the word can be masked as you type it, with the idea being that only the user entering the password "knows" what's going in that box. An adversary can get it by keystrokes, sure, but that's much less obvious (hence, much more non-trivial) than seeing a user click a flamingo a few times to access a restricted zone. To make matters worse,
I suppose it would be a good authentication step in a multi-factor authentication scheme, where a user types a password and then marks a point on a map that they specified. No idea, though.
Gee whiz, I guess as long as no serious earthquakes occur, or I haven't used any place in California as my password location, it would indeed provide a hugely varying pool of unique passwords. But with all this AI, I would not doubt that archetypal locations could be mined from the collective cattle mind, and exploited. How many people would pick the Twin Towers spot? This sounds a bit absurd really. I will keep my standard password, along with a good geographical education, and a few Paul Theroux books under my belt.
The exact same way you make any transmitted information (such as a text password) secure. There is exactly zero fundamental difference between the problem sets. You still have to prevent eavesdropping at all the various levels at which it occurs, and you still have to choose the information in such a way that it is not easily guessable or deducible (don't choose a family member's birthday or anywhere around your house).
So I just get a bunch of zombies to try to login to your server. Each one spins the globe around, zooms in and out and hits random locations.
That's not a 'thin' authentication scheme.
Maybe it's not so stupid; remember that the pixel you have to hit isn't necessarily in the same spot every day, if you have to scroll&zoom the globe to find your spot.
Or, it would make a very good solution to a slightly different problem: It seems a little bit tricky to machine-translate the password hint "the third flamingo on the left on the lawn of Aunt Bessie's house" to a particular coordinate. Unless the hint is something entirely obvious ("Aunt Bessie's house" is more cryptic than "Lincoln Memorial"), it could be used as a very good captcha system ... or, as a variant of that "ESP game", a good way to crowd-source mapping of textual descriptions to map coords.
"Good news, everyone!"