Slashdot Mirror

← Back to Stories (view on slashdot.org)

Map Based Passwords

Posted by samzenpus on from the getting-directions-to-your-password dept.

smitty777 writes "Discovery is running an article on passwords based on a very specific location on a map. Instead of showing UID and Password fields, the user would simply click on a very specific spot on Google Earth, for example. I wonder how you would make that secure? Also, if you forgot, would you get a message saying 'Your password is the third flamingo on the left on the lawn of Aunt Bessie's house'?"

4 of 169 comments (clear)

  1. Fractal images a better bet? by Banichi · · Score: 2, Interesting

    Could you use the scalability of fractal images as a map in this manner?
    By my understanding, this would give you random numbers depending on your "depth" and x/y coordinates.

  2. Re:Find a point on a map? by Nadaka · · Score: 2, Interesting

    We don't use that kind of language around here mister!

  3. 14 Digit Password by DaleSwanson · · Score: 2, Interesting

    Looking at Google Maps the area covered by the windshield of my car is about five places after the decimal point of precision in both lat and long. That is about one square meter and as precise as you could realistically expect users to be. That would mean each location would give you 2+5 digits for the lat and the long, a total of 14 digits for a password. That's 10^14 possibilities. For comparison a password made up of random characters (lower, upper, digits, special) for a total of 95 total possible choices would need to be seven characters long to have about the same entropy (67 trillion vs 100 trillion).

    Seven character random passwords are ok, but certainly not uncrackable. You could argue that letting the user choice several spots would greatly increase the entropy, but realistically the user is going to pick spots close together. Not to mention you could probably cut down on the possible locations with something similar to a dictionary attack, i.e., eliminating the vast expanses of nothingness that are unlikely to be chosen (like oceans, and deserts). Lastly, it relies too heavily on the mapping service. What happens when they update their images and your landmark disappears or moves slightly?

    1. Re:14 Digit Password by Eivind · · Score: 2, Interesting

      It's worse than that. A LOT worse than that.

      First, the 2 first digits are hardly random, instead they can be guesstimated very well from the users aproximate location, for example if the user is American, the latitude is somewhere in the 30-50 range, which is a much smaller searchspace than -90 to 90.

      Secondly, aproximately 99% of anywhere is NOTHING. Nobody is going to choose as their password points which have no map-features nearby. Third, one meter resolution, is unrealistic. You might select a building, and if we're pushing it, you might even choose some prominent spot on that building, such as the north-west corner or whatever. But even if everyone does that, you're still just talking ~5 potential points for each building, not hundreds as would be required for 1m resolution.

      More like 50M buildings in USA, for a keyspace around 25 bits, but that keyspace won't be anywhere near evenly used, you're going to have a lot more people select the statue of liberty, compared to some random farm-building in Utah. Entropy would thus be significantly lower, perhaps 15 bits.

      Forcing people to select multiple, say 5, would not help so much. It'd make it more of a hassle, thus people would, to avoid needing to spend an half-hour logging in, select either even more prominent features, or select 5 different points in the immediate viscinity of eachothers, which doesn't help so much.

      In short, not really a good strategy.

      Passwords, of any kind, are challenging. The problem being that the needed entropy is high, and there's few methods of easily, and quickly inputing high-entropy information that is at the same time easy to remember.

      Personally I think 2-factor is the way to go. My debit-card is protected only by a 4-digit pin, afterall. But that still works reasonably well, because you need posession of the physical card, thus it's 2-factor. 1: the card, and 2: the pin.

      Google already launched 2-factor authenthication, where they use your password + your mobile phone as the 2 factors.

      Yes, someone could steal the phone AND the password. But it's a lot more secure than the password alone.