Graffiti as password

One of the largest security challenges many organizations face come from the most basic aspect of security: user passwords. Humans simply have a limited capacity to remember otherwise insignificant streams of letters and digits; as a result, they often choose passwords that are easier to remember. Those memorable passwords, however, can fail in the face […]

Share online:

One of the largest security challenges many organizations face come from the most basic aspect of security: user passwords. Humans simply have a limited capacity to remember otherwise insignificant streams of letters and digits; as a result, they often choose passwords that are easier to remember. Those memorable passwords, however, can fail in the face of dictionary attacks or guesses based on information such as birth dates or the names of family members. This week's meeting of the Computer and Communications Security interest group of the Association for Computing Machinery saw the description of the latest attempt to balance security and obscurity: an improved form of the "Draw a Secret" method.

The basic concept behind Draw a Secret (DAS) is that humans excel at image recognition and memory, so "passwords" should be designed to leverage that ability. Initial implementations simply tracked the ability of people to use a stylus to draw a free-form shape on a touch-sensitive screen. But the people behind the new work have previously refined the technique by parsing the shapes with a flexible grid, which allowed them to more accurately recognize key features such as changes in the stroke's direction. The primary limitation of this DAS system is the user's ability to accurately redraw a complex shape from memory.

Full Article

Graffiti, Security, Password

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.