Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Security Science Technology

Graffiti as Password - Secure and Memorable 76

Posted by Zonk from the crouching-tiger-hidding-content dept.
Al writes "A group from Newcastle University has released work that significantly improves the Draw-A-Secret method of creating passwords. The basic concept behind Draw-a-Secret is that humans excel at image recognition and memory, so 'passwords' should be designed to leverage that ability. The people behind the new work have refined the technique by parsing the shapes with a flexible grid and using existing images as a background to reinforce memory of the password. Imagine having your password be a graffiti-laden alteration of your favorite politicians campaign photo..."
This discussion has been archived. No new comments can be posted.

Graffiti as Password - Secure and Memorable More

Graffiti as Password - Secure and Memorable

Comments Filter:

  • More secure, less useful. (Score:3, Insightful)

    by srollyson ( 1184197 ) * on Sunday November 04, 2007 @02:33PM (#21233347)
    It's tough to imagine hand-drawn passwords becoming much more popular than USB fingerprint readers. True, they increase security over standard text passwords, but how am I supposed to give a throwaway password to a coworker so that he can use my machine while I'm on vacation? The only thing that would make this more ubiquitous than fingerprint readers is the fact that you can use pre-existing touch screen or stylus interfaces as described in the article. In my opinion, this technology won't be able to fill the needs of anything more than a niche market. Nor will people need more than 640K RAM.

  • Get off my lawn! (Score:5, Insightful)

    by exploder ( 196936 ) on Sunday November 04, 2007 @02:49PM (#21233523) Homepage
    Man, I'm tired of all these complicated new password schemes...my bank uses "security code", a "password", and an image, plus they ask you personal questions that half of us don't even have a definite answer to, such as, "what was your favorite candy as a child" or "what's your favorite vacation spot?" Even if I do remember the answer, I have to remember whether I capitalized, and exactly how I typed it. What a pain in the ass. I get locked out of my bank all the time.

    God dammit, just let me pick a nice strong password. I can remember passwords.

  • pain in the.. (Score:3, Insightful)

    by Anrego ( 830717 ) * on Sunday November 04, 2007 @02:51PM (#21233561)
    I have a hard enough time typing in my plain text password in the morning when I get into work through my one blood shot eye.

    I think it would be a major pain in the ass to have to draw a picture every time I wanted to log into my computer.

  • huh? (Score:3, Insightful)

    by religious freak ( 1005821 ) on Sunday November 04, 2007 @02:57PM (#21233619)
    I still don't get how these things are supposed to work, really. So you can draw a picture of graffiti and that's your password?

    What if I can't draw?
    How can you obscure this while "entering your password"? Seems like it'd be a lot easier to see than what someone is doing on a keyboard.
    How much is the extra hardware going to cost and would the business want to pay for it?
    Why not just do fingerprint recognition?
    etc, etc...

  • I'd say less secure (Score:4, Insightful)

    by Kabuthunk ( 972557 ) <<moc.liamtoh> <ta> <knuhtubak>> on Sunday November 04, 2007 @03:24PM (#21233833) Homepage
    I can't see how it's more secure. I'm sure many, many passwords will just be some random part of the background, like the bird or a tree, just coloured in.

    Also... if we're so much better at remembering images, then one just has to glance at the screen someone is drawing on and then whoops... looks like they remember it too now.

  • Re:More secure, less useful. (Score:3, Insightful)

    by forkazoo ( 138186 ) <wrosecrans@@@gmail...com> on Sunday November 04, 2007 @04:30PM (#21234467) Homepage

    Um... Not to side track. That is just a bad security practice. If you need to give your coworker rights to your computer, you give him rights to log into that work station with his name and password.


    I don't disagree that the OP was suggesting bad practice. But, whether you are giving them the password for your account or for their own, you still need to allow somebody a way to initially authenticate, so they can pick something of their own. How exactly do you say, "Hey bob, I've set up an account for you, you can log in with the username bsmith, and the passdoodle... ummm... well, you sort of color in the bird, then outline a house over on the left, and..."

  • Universal Access (Score:3, Insightful)

    by ddrichardson ( 869910 ) on Sunday November 04, 2007 @05:15PM (#21234809)

    This system doesn't lend itself to those with visual impairment very well. In fact, having recently injured my right hand I have had difficulty writing, yet a fingerprint reader is still perfectly usable.

  • Re:Memorable? (Score:3, Insightful)

    by westlake ( 615356 ) on Sunday November 04, 2007 @11:56PM (#21237639)
    I don't know about anyone else, but even my signature tends to shift a bit every time I jot it down to take a delivery or acknowledge a credit card.

    This is the classic way of detecting a forgery. If two signatures are identical, one has to be a tracing. Any kid who was reading The Hardy Boys or Nancy Drew in the 'thirties would have been exposed to the idea.

Slashdot Top Deals

"Gravitation cannot be held responsible for people falling in love." -- Albert Einstein

Close