Graffiti as Password - Secure and Memorable 76
Al writes "A group from Newcastle University has released work that significantly improves the Draw-A-Secret method of creating passwords. The basic concept behind Draw-a-Secret is that humans excel at image recognition and memory, so 'passwords' should be designed to leverage that ability. The people behind the new work have
refined the technique by parsing the shapes with a flexible grid and using existing images as a background to reinforce memory of the password. Imagine having your password be a graffiti-laden alteration of your favorite politicians campaign photo..."
More secure, less useful. (Score:3, Insightful)
Get off my lawn! (Score:5, Insightful)
God dammit, just let me pick a nice strong password. I can remember passwords.
pain in the.. (Score:3, Insightful)
I think it would be a major pain in the ass to have to draw a picture every time I wanted to log into my computer.
huh? (Score:3, Insightful)
What if I can't draw?
How can you obscure this while "entering your password"? Seems like it'd be a lot easier to see than what someone is doing on a keyboard.
How much is the extra hardware going to cost and would the business want to pay for it?
Why not just do fingerprint recognition?
etc, etc...
I'd say less secure (Score:4, Insightful)
Also... if we're so much better at remembering images, then one just has to glance at the screen someone is drawing on and then whoops... looks like they remember it too now.
Re:More secure, less useful. (Score:3, Insightful)
I don't disagree that the OP was suggesting bad practice. But, whether you are giving them the password for your account or for their own, you still need to allow somebody a way to initially authenticate, so they can pick something of their own. How exactly do you say, "Hey bob, I've set up an account for you, you can log in with the username bsmith, and the passdoodle... ummm... well, you sort of color in the bird, then outline a house over on the left, and..."
Universal Access (Score:3, Insightful)
This system doesn't lend itself to those with visual impairment very well. In fact, having recently injured my right hand I have had difficulty writing, yet a fingerprint reader is still perfectly usable.
Re:Memorable? (Score:3, Insightful)
This is the classic way of detecting a forgery. If two signatures are identical, one has to be a tracing. Any kid who was reading The Hardy Boys or Nancy Drew in the 'thirties would have been exposed to the idea.