Map Based Passwords

Posted by samzenpus
from the getting-directions-to-your-password dept.
smitty777 writes "Discovery is running an article on passwords based on a very specific location on a map. Instead of showing UID and Password fields, the user would simply click on a very specific spot on Google Earth, for example. I wonder how you would make that secure? Also, if you forgot, would you get a message saying 'Your password is the third flamingo on the left on the lawn of Aunt Bessie's house'?"
  • Fastest password crack ever: Click "1600 Pennsylvania Avenue"
    • by Intron (870560) on Wednesday September 29, 2010 @03:11PM (#33738470)

      MEMO FROM IT DEPT.

      It has come to our attention that some users are selecting weak passwords. Henceforth, we have implemented measures to prevent selecting passwords based on well-known locations, major cities and major landmarks. When selecting a password we will not allow you to use a place that you, a relative or a friend have ever lived or visited. Please fill out the attached questionnaire listing everywhere you have been since you were born.

      Thank you.
      IT - Department - help you can count on

      • MEMO FROM IT DEPT.

        It has come to our attention that some users are selecting weak passwords. Henceforth, we have implemented measures to prevent selecting passwords based on well-known locations, major cities and major landmarks. When selecting a password we will not allow you to use a place that you, a relative or a friend have ever lived or visited. Please fill out the attached questionnaire listing everywhere you have been since you were born.

        Thank you.
        IT - Department - help you can count on

        How did you get my Memo?

      • Re: (Score:3, Funny)

        by Lumpy (12016)

        I prefer the one we put on all the windows machines here at work.

        "your password must not contain any characters that can be typed on the keyboard."

        The CTO did not think that it was funny...

      • by badboy_tw2002 (524611) on Wednesday September 29, 2010 @03:32PM (#33738764)

        Dang, my password was someone's backyard where they had spelled out "GOD" "SEX" and "LOVE" with their hedges. If I ask them to grow a "1" after it will we be all good?

      • by oodaloop (1229816)
        In order to make passwords more secure, we will no longer be using overhead views.
  • Brilliant... (Score:2, Insightful)

    by Anonymous Coward

    ... and when the internet link is down or God forbid, Google Earth is down, users login how?

    • Re: (Score:3, Funny)

      by T Murphy (1054674)
      But if Google Earth is down, google.com itself is probably down, in which case the user couldn't navigate to the website in the first place. I don't see the problem.
    • Re: (Score:3, Funny)

      by Lumpy (12016)

      Enter the latitude and longitude in by hand DUH.

    • by tehcyder (746570)
      If your internet link was down how would you be logging on to a remote site anyway?
  • It works! (Score:5, Funny)

    by grub (11606) * <slashdot@grub.net> on Wednesday September 29, 2010 @03:01PM (#33738302) Homepage Journal

    I forgot my gmail password

    and here was my hint [google.ca].

    (how I forgot "goatse" as a password is beyond me.)
    • by JWSmythe (446288)

      That's a lot safer than this one [google.ca]

    • Completely off topic, but does anyone else look at that picture and see a hill rather than a crater? I know it's a crater, but to my brain it looks like a hill due to the shadows and lack of perspective (i.e. can't see it going into the ground).

      • by JWSmythe (446288)

        It's the same illusion that people see when looking at photos of mars. It's very easy to get disoriented looking at satellite/aerial photography, without a lot of practice.

        here [google.com] is a fun place to look at craters. Remember, in the Northern hemisphere, North of the Tropic of Cancer, the shadowed side will be to the south, and the illuminated side will be to the north. That's how you can tell that this is a pyramid [google.com] and this is a crater [google.com]

        And of course, this is a tall building, at [google.com]

  • by bieber (998013) on Wednesday September 29, 2010 @03:03PM (#33738326)
    ...this one is easy enough to crack just by shoulder-looking. And of course there's the issue of needing to load a ton of map data just for a simple password entry, and if the map provider is out you're screwed. Plus the hassle of zooming down from a world-map to some specific point every time you want to get into a site. Need I go on?
    • by T Murphy (1054674) on Wednesday September 29, 2010 @03:37PM (#33738830) Journal

      this one is easy enough to crack just by shoulder-looking

      So don't display the map plainly - replace it with asterisks. Problem solved.

    • by PRMan (959735)
      Can you? That's pretty comprehensive already.
    • If implementing a map-based-password, I would require users to choose more than one location. I might place an upper limit on the number of locations as well.

      Someone could then set their password to equal: 1. where they were born, 2. where they work, 3. where they went on vacation last year.

      Of course, there wouldn't be any prescribed formula for choosing the locations, so a user could choose any number of locations for any reason. They might even choose "..that place where they put that thing that time [youtube.com]."

      • by DavidTC (10147)

        Indeed, the password reminder clue would be pretty interesting. 'It's the place where you got that flat tire that time' or 'Won't ever eat there again' or 'The weird sign'.

        Incidentally, I love that clip, as it has the single realistic 'hack' in the entire movie. If you're on a phone where you can't dial at all, hang up the phone, take it back off the hook, click the switchhook ten times, which dials '0' in rotary, and you get an operator, who can dial for you.

        • by JWSmythe (446288)

          It would be a little slicker to dial the number like that. It can be done. But I'm sure half the people here don't remember pulse dialing. For quite a few years, I had to change the strings for my modem from ATDT to ATDP so I could dial. :)

          • Well, it probably did save you $2.50 a month.
            • by JWSmythe (446288)

              Oh, I wish it was so easy. No, I grew up in a rather rural area. This isn't really all that long ago, it was the late 1970's through mid 1980's. But they hadn't upgraded their infrastructure. They finally upgraded their equipment in the late 80's, so I could start doing tone dialing.

              Hmm, come to think of it, they split the area into two exchanges in the real late 80's. So they couldn't have had more than 10,000 subscribers, both residential and businesses across several sm

              • My grandparents lived in a town that still offered four-digit dialing until the mid-late 80s. Yep, no prefix needed. Just dial the last four. Can't remember if they had pulse or tone dialing, though.

                Still, BellSouth was hammering me for something like $2.50/mo for tone dialing up until I ditched them ca. 2004.
          • by DavidTC (10147)

            It can be done, but why? It's much easier to just ask the operator to dial for you.

            The fun thing about asking the operator is that even the smartest 'pen register' tap can't figure it out. Even if they can do pulse dialing, they'll just see you dialing 0.

            It sounds silly, but in actuality jail phones often have such a device on them.

            • by JWSmythe (446288)

              To the best of my knowledge, all jails record phone calls. I'm sure they intercept the dialed number as well as the calls. Getting the number the technical way, especially when it's tapped out by hand, is harder than just listening to the operator saying "Operator, please connect me to 212 555 1212".

              They have a bit less interest in the phone number than the actual conversation.

              Most inmates are in prison for a reason. They got caught, usually because they made stupid mistak

    • by geekoid (135745)

      It's actually harder to get an exact pinpoint by shoulder surfing with this than with any ATM machine or keyboard.

    • That was my first thought too.

      There are so many problems with this solution and shoulder-looking is a huge one.

      It's nice that humans are good at remembering graphic data like images on a map but the same goes for the guy standing behind you.
      If someone knows you personally in most cases he or she wouldn't even have to see the exact location where you click.
      "ah... that looks like her old neighborhood, let's see if she picked her old house as passlocation"..

      Also, it seems way too slow to be functional.
      The way i

    • by shird (566377)

      Yes, valid points. However I like this idea for the purposes of password recovery.

      Use a high strength regular password, and have your browser save it. However, when you lose it, or need to login from somewhere else, the ability to recover/reset a lost/difficult to remember password is useful when the password hint is something a bit stronger than 'What's your favourite colour?'.

  • by bigredradio (631970) on Wednesday September 29, 2010 @03:05PM (#33738364) Homepage Journal

    Here in the US that would be very effective.

    REQUEST: Locate Belgium on a map

    RESPONSE: uh.....uh......connection timed out!

  • by sakdoctor (1087155) on Wednesday September 29, 2010 @03:19PM (#33738592) Homepage

    That's amazing! I've got the same flamingo on my luggage.

  • Could you use the scalability of fractal images as a map in this manner?
    By my understanding, this would give you random numbers depending on your "depth" and x/y coordinates.

    • It seems like that would make it easy to get lost, fractals have an odd way of looking similar at various magnifications.
  • Is about to become a lot more popular.
  • Rather than using a map, just have the user upload a picture.

    You're killing two birds with one stone. First, the user is being shown something to confirm that this is indeed the site they think it is (think: sitekey or the like). Second, they can pick some incredibly detailed point without all the hassle of licensing someone else's data.

    All that, and this is still a pretty stupid idea. You have all the same problems with password: users don't want a long one, users want to pick the same one for multiple sit

    • by hoggoth (414195)

      This!

      Every user gets his own picture, and coordinate within that picture.
      So my password could be Aunt Bertha's left eye and yours could be Megan Fox's umm... freaky thumb.

      Enter username. Gets instant feedback that you aren't on a trojan site. Only the real site should know and have a copy of YOUR picture. Then select your secret point on the picture. Don't send the coordinates, but an encrypted or one-way hashed version of the coordinates so an eavesdropper doesn't get any useful information.
      Easier to remem

  • I imagine the back-end simply being the coordinates with a margin of error.
    Still a password: "You could have a 10-digit latitude, and a 10-digit longitude, then you'd have a 20-digit password." - TFA
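One way to build the "coordinates with a margin of error" back-end imagined here (and the salted, one-way hashed coordinates hoggoth suggests above), as an added example that is not from the article or from any poster: the click is snapped to a grid cell, only a salted PBKDF2 tag of that cell is stored, and verification also tries the neighbouring cells so a slightly-off click still matches. The 1e-5 degree cell size, the iteration count and the one-cell tolerance are assumed values.

```python
import hashlib
import hmac
import os

MICRODEG_PER_CELL = 10      # assumed: cell = 1e-5 degree, roughly one metre north/south
PBKDF2_ITERATIONS = 100_000  # assumed: slow hash so a leaked tag is costly to brute-force


def cell_of(lat, lon, cell_udeg=MICRODEG_PER_CELL):
    """Snap a click to an integer grid cell; done in micro-degrees to avoid float drift."""
    lat_u = round(lat * 1_000_000)
    lon_u = round(lon * 1_000_000)
    return (lat_u // cell_udeg, lon_u // cell_udeg)


def cell_tag(cell, salt, iterations=PBKDF2_ITERATIONS):
    """Salted, slow hash of a cell so the stored value does not reveal the location."""
    msg = f"{cell[0]},{cell[1]}".encode()
    return hashlib.pbkdf2_hmac("sha256", msg, salt, iterations)


def enroll(lat, lon):
    """Store a fresh salt plus the tag of the enrolled cell, never the coordinates."""
    salt = os.urandom(16)
    return salt, cell_tag(cell_of(lat, lon), salt)


def verify(lat, lon, salt, stored_tag, tolerance_cells=1):
    """Accept the click if it lands in the enrolled cell or within tolerance_cells of it.

    Every cell in the (2t+1)^2 window hashes to a candidate that is compared against
    the stored tag, so the tolerance is exactly the set of cells an attacker also gets
    for free with one guess."""
    clat, clon = cell_of(lat, lon)
    for dlat in range(-tolerance_cells, tolerance_cells + 1):
        for dlon in range(-tolerance_cells, tolerance_cells + 1):
            candidate = cell_tag((clat + dlat, clon + dlon), salt)
            if hmac.compare_digest(candidate, stored_tag):
                return True
    return False


if __name__ == "__main__":
    # Constructed sample click, not a real user's location.
    salt, tag = enroll(37.4219, -122.0841)
    print("same cell:     ", verify(37.4219, -122.0841, salt, tag))
    print("one cell north:", verify(37.42191, -122.0841, salt, tag))
    print("two cells north:", verify(37.42192, -122.0841, salt, tag))
```

Every cell inside the tolerance window matches the same tag, so a 3x3 window divides the keyspace by nine; how much click slop to allow is a security decision, not just a usability one.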

  • In Geographic Password you pick Soviet Russia.

  • If you could choose your own map areas, this could work well.

    I could easily choose map spots that could be described in a way that only I or a very select group of people would know. Things like if I showed you a map of the neighborhood where I grew up, and said "the tits", how would you know where it is? Would you guess in the park? Where in the park?

    Trust me, no google earth view is going to show you the landmark in question, and it would only be visible as such from one spot.... but I know exactly where

  • Nope, won't work. You have two options: either store the maps locally, or download them from an online source like Google Earth.

    If you get them online, then anyone watching your network traffic can see which map tiles you're requesting, and use that to figure out the approximate location you're clicking on. This limits the possible passkeys to some point on the last map you loaded -- which given image/mouse resolution, means there are only about 100,000 possible passkeys. Not enough.

    If you store them loc

    • by goodmanj (234846)

      Let me put it another way: if the number of possible passwords is X^Y, where X is the number of symbols and Y is the length of the password, using a password system in which Y = 1 is stupid, for any feasible choice of X.

      Now, a map password in which the user clicks on *several* locations on a low-res map, in order? *that's* got some entropy behind it. But at that point, you might as well just make your "map" image a photo of a keyboard and reinvent the wheel.

  • Just as people set their own names, birthdates and 'password', they will assuredly put their own home as their password.

    This makes more sense as an optional authentication factor for password recovery than for the sole means of authentication.
  • not dumb (Score:3, Insightful)

    by Tom (822) on Wednesday September 29, 2010 @03:40PM (#33738876) Homepage Journal

    It's not half as dumb as the summary makes it sound.

    For security, what matters is the keyspace and the likelihood of guessing correctly. The keyspace easily competes with alphanumeric passwords. It is dramatically reduced by the assumption that people will pick places with meaning to them, which means places they've been to. Nevertheless, it should measure up to passwords in security.

    Different from passwords, though, the human mind is pretty well equipped to recall specific places. Arbitrary alphanumeric combinations, on the other hand, are amongst the most difficult things to remember and recall.

    • by Hacksaw (3678)

      People are dumb. Millions of people would select something like the entrance for Fort Knox, or Norad, or a local bank. You have a training problem just as large as the one you have now.

      • by Tom (822)

        People are dumb.

        True, but individuals are smart.

        Yes, you would have to exclude famous landmarks. But the training is a lot simpler. Compare:

        With this scheme:
        "Pick a place that has meaning to you, personally, and that you can easily remember. Don't pick famous landmarks or other places that lots and lots of people would think about, but rather something personal."

        With passwords:
        "Pick a difficult-to-guess combination of letters, numbers and special characters. Don't write it down anywhere, you have to remember it. But it can

    • by DavidTC (10147)

      It is dramatically reduced by the assumption that people will pick places with meaning to them, which means places they've been to.

      Well, yes, but places people have been to are a lot harder to figure out than, for example, words that are familiar to them.

      Sure, they might choose the pizza place they went on their first date with, but that's a lot more difficult for a cracker to figure out than the name of their dog.

      A lot of meaningful places to people are never recorded anywhere, even if talked about.

    • Re: (Score:3, Insightful)

      by guyminuslife (1349809)
      I've gotta tell you, there's a lot of "empty" space out there.

      Take the world.
      Subtract the oceans.
      Subtract the areas without any human settlements.
      Subtract the areas without any features to distinguish them from surrounding areas. (Big, endless plains, random points in large forests, maybe even suburban rooftops)

      You've gotten rid of most of the world.

      Now, find the user's IP address.
      Search for interesting features locally. There aren't that many of them. Sure, you *could* try writing an advanced image-process
      • by Tom (822)

        I'm an American, I might choose Westminster Abbey as my password, but I'm not going to select a random flat in London.

        Really? How about if you were told - like with passwords today - not to pick famous places. You might pick a random flat in London. One that isn't random for you. Maybe the one where you laid that gorgeous black girl on your first business trip there?

        And besides, even if you do pick famous places, you may have to be a bit more specific than that. You might pick Westminster Abbey, but not the whole building, but, for example the roof of the tower [google.de]. That's a lot more difficult to guess.

        This rivals one of the worst-ever security schemes I've seen. A credit union I used to use would let you select a "secret question" from a drop-down list.

        And there's the massive

  • My 3rd grade teacher said geography would be useful one day.
  • This is excellent news! I will finally be able to set my password up as "CowboyNeal's Mother's Basement!" ;-)
  • I have a Garmin Nuvi GPS that does something similar for theft deterrence. If you enable locking on the unit, you must either input a 4 digit PIN code, or the unit must be in a pre-programmed 'Home' location when it is powered on for it to function.
  • The issue with this is that most people will either choose locations that are well-known landmarks, or which they are associated with. This vastly reduces the potential search space for a password based upon a physical location. But even if you choose a location at random... Let's pull a number out of the air: let's suppose there are 100 million buildings in the United States that represent potential candidate "geokeys". That's what, a 27-bit key? How long would it take to exhaustively brute-force a 27-bit

  • Real men don't use maps.

    'Nuf said.

  • My password is 12345 [google.com]

    Note to self: Now I have to change my password.

  • 14 Digit Password (Score:3, Interesting)

    by DaleSwanson (910098) on Wednesday September 29, 2010 @04:39PM (#33739696)
    Looking at Google Maps the area covered by the windshield of my car is about five places after the decimal point of precision in both lat and long. That is about one square meter and as precise as you could realistically expect users to be. That would mean each location would give you 2+5 digits for the lat and the long, a total of 14 digits for a password. That's 10^14 possibilities. For comparison a password made up of random characters (lower, upper, digits, special) for a total of 95 total possible choices would need to be seven characters long to have about the same entropy (67 trillion vs 100 trillion).

    Seven character random passwords are ok, but certainly not uncrackable. You could argue that letting the user choose several spots would greatly increase the entropy, but realistically the user is going to pick spots close together. Not to mention you could probably cut down on the possible locations with something similar to a dictionary attack, i.e., eliminating the vast expanses of nothingness that are unlikely to be chosen (like oceans, and deserts). Lastly, it relies too heavily on the mapping service. What happens when they update their images and your landmark disappears or moves slightly?
    • Re: (Score:3, Interesting)

      by Eivind (15695)

      It's worse than that. A LOT worse than that.

      First, the first 2 digits are hardly random; instead they can be guesstimated very well from the user's approximate location, for example if the user is American, the latitude is somewhere in the 30-50 range, which is a much smaller search space than -90 to 90.

      Secondly, approximately 99% of anywhere is NOTHING. Nobody is going to choose as their password points which have no map features nearby. Third, one meter resolution is unrealistic. You might select a building,
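The keyspace arithmetic in these two comments, carried through as an added example (not from the article or from either poster): it counts actual 1e-5 degree grid cells rather than decimal digits, then applies Eivind's reductions, a known latitude band and the fraction of cells anyone would actually pick, plus a click tolerance window. The contiguous-US box (30 to 50 N, 125 to 65 W), the 1% usable fraction and the one-cell tolerance are assumed values.

```python
import math

ALPHABET = 95    # printable ASCII: lower, upper, digits, specials, as in the post
CELL_DEG = 1e-5  # five decimal places, roughly one metre north/south


def grid_cells(lat_min, lat_max, lon_min, lon_max, cell_deg=CELL_DEG):
    """Number of cell_deg x cell_deg cells in a lat/lon box (no area correction,
    so longitude cells near the poles are over-counted; fine for an upper bound)."""
    n_lat = round((lat_max - lat_min) / cell_deg)
    n_lon = round((lon_max - lon_min) / cell_deg)
    return n_lat * n_lon


def bits(keyspace):
    """Entropy of a uniformly chosen element of the keyspace, in bits."""
    return math.log2(keyspace)


def equivalent_chars(keyspace, alphabet=ALPHABET):
    """Length of a uniformly random password over `alphabet` with the same keyspace."""
    return math.log(keyspace, alphabet)


def effective_keyspace(cells, usable_fraction=1.0, tolerance_cells=0):
    """Shrink the raw cell count the way a guesser would: only a fraction of cells
    hold anything a user would pick, and a click tolerance of t cells means any of
    the (2t+1)^2 cells around the secret is accepted, so they count as one guess."""
    window = (2 * tolerance_cells + 1) ** 2
    return max(1, int(cells * usable_fraction) // window)


def report(label, cells):
    print(f"{label:<36} {cells:>18,d} cells  {bits(cells):5.1f} bits  "
          f"~{equivalent_chars(cells):.1f} random chars")


if __name__ == "__main__":
    whole = grid_cells(-90, 90, -180, 180)
    report("whole world, 1 m cells", whole)
    # Eivind's point: a user known to be American pins latitude to roughly 30-50.
    # The longitude band -125..-65 is an assumed box for the contiguous US.
    us = grid_cells(30, 50, -125, -65)
    report("contiguous US box", us)
    # "99% of anywhere is nothing": keep 1% of cells, and accept a 3x3 click window.
    report("US, 1% usable, 1-cell tolerance", effective_keyspace(us, 0.01, 1))
```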

  • How do you keep that secure in a public environment? If i type my password in a computer lab or at work, all anyone sees is a line of asterisks. If I have to hunt down a location on Google Earth, anyone and his dog can see where I clicked.

  • When I read the title I thought it would use your location in part to validate you. IE: your IP indicates you are attempting to log in from Europe and yet 1 hour ago you were logged in at your home in California. I have seen a website already do something similar too... when I was using a proxy server and hit my account it knew my access was not from my regular IP address and prompted me for some more security questions for validation - the secret question I wrote for the extra level of security

  • 10 digit lat and long? Well, if I did my math right that's about 0.8 inch north/south resolution. The east/west resolution depends on how far from the equator your location is; about 0.8" if you're at the equator, less otherwise.

    I doubt you have a world map with 1" resolution. I doubt you can click on the single pixel you intend on any map.

    It seems to me you can come at this from the other direction; the surface area of the Earth is on the order of 10^14 meters. Eliminate areas where a specific location

  • Wow, leaving aside the stupidity and inconvenience of using maps as passwords (sure, there's enough entropy, but shoulder-looking kills it, and it would take much longer to enter a password than with a text-based one), the entire article seems to centre around the concept that this will solve the "multiple passwords" problem.

    "Online passwords are tedious, and it seems like too many websites require one" ... "I hate creating a new password for every website where I keep even a scrap of personal information".

    • by mgiuca (1040724)

      Best way to check if you've made an improvement over an existing system:
      "Cheswick hasn't performed any usability tests to see how the average Internet user might respond, but anything's better than the current system."

  • How would one mask the picture such that a user can click on the map without anyone else obviously seeing? The good thing about passwords is that the word can be masked as you type it, with the idea being that only the user entering the password "knows" what's going in that box. An adversary can get it by keystrokes, sure, but that's much less obvious (hence, much more non-trivial) than seeing a user click a flamingo a few times to access a restricted zone. To make matters worse,

    I suppose it would be a g
