Microsoft Research is investigating if the inkblot is a better idea than the sticky note when it comes to remembering passwords that aren’t easy for others to crack.
Researchers Jeremy Elson and Jon Howell, who work in the distributed systems and security group at Microsoft Research, have revived a project that uses inkblots, similar to the way Rorschach Inkblot tests are used, as visual cues to help users create and remember passwords.
Read the latest WhitePaper - Differentiate on Service
On Monday, Microsoft Research opened a public Web-based project called InkblotPassword.com.
The Web site lets users create a password using a series of random inkblots and a formula to select letters. The user associates a word with the inkblot that corresponds to what they see in the image, such as a bird or a shield. InkblotPassword.com currently has 1,000 inkblots in its database.
For each inkblot the user enters the first and last letter of their word: bd for bird and sd for shield. A set of 10 images creates a 20-character password that Microsoft Research has shown is easily memorized but hard to crack. In fact, after a period of time many users remember the password without having to consult the inkblots, according to the research first conducted in 2004.
Typically such random and hard-to-guess passwords have been written down by users, on such things as sticky notes, and left by their terminals. Or users create weak passwords and use them over and over again at different Web sites.
Microsoft aims to change that by marrying the strong passwords and Web-based single sign-on technology.
Microsoft’s project combines the inkblot research with the OpenID protocol, which is used to create single sign-on for Internet users. Version 2.0 of the OpenID protocol was released on Tuesday. In February, Microsoft announced support of OpenID.
With an OpenID, users can sign in once to an OpenID provider and then use that authentication to access any Web site that supports OpenID. Passwords that control the single sign-on can now be created with inkblots.
Microsoft, inkblots, Password Manager, OpenID, Microsoft Research
No comment yet
1 Trackbacks & Pingbacks: | TrackBack URI
-
Pingback from 1Microsoft InkBlot Launched » D' Technology Weblog: Technology, Blogging, Tips, Tricks, Computer, Hardware, Software, Tutorials, Internet, Web, Gadgets, Fashion, LifeStyle, Entertainment, News and more. says:December 10th, 2007 at 4:23 pm
[...] personal password that is easy to remember. The user is presented with a sequence of random inkblots. Each should remind the user of a word, a butterfly or a pumpkin, for example. For each image, the [...]
