Graffiti as Password - Secure and Memorable

Al writes "A group from Newcastle University has released work that significantly improves the Draw-A-Secret method of creating passwords. The basic concept behind Draw-a-Secret is that humans excel at image recognition and memory, so 'passwords' should be designed to leverage that ability. The people behind the new work have refined the technique by parsing the shapes with a flexible grid and using existing images as a background to reinforce memory of the password. Imagine having your password be a graffiti-laden alteration of your favorite politicians campaign photo..."

More secure, less useful.

[srollyson]

It's tough to imagine hand-drawn passwords becoming much more popular than USB fingerprint readers. True, they increase security over standard text passwords, but how am I supposed to give a throwaway password to a coworker so that he can use my machine while I'm on vacation? The only thing that would make this more ubiquitous than fingerprint readers is the fact that you can use pre-existing touch screen or stylus interfaces as described in the article. In my opinion, this technology won't be able to fill the needs of anything more than a niche market. Nor will people need more than 640K RAM.

Re:

[Ragein]

I see the point but come on how many of us actually have a touchscreen on ALL of our web browsing devices? This idea is a non started unless it will upgrade my macbook into a tablet.

Re:More secure, less useful.

[vertinox]

True, they increase security over standard text passwords, but how am I supposed to give a throwaway password to a coworker so that he can use my machine while I'm on vacation?

Um... Not to side track. That is just a bad security practice. If you need to give your coworker rights to your computer, you give him rights to log into that work station with his name and password.

If he needs to get to your profile or files, then you simply give him the same permissions to access those files. In a windows environment, I would add him to the users so he could log into the machine locally and then set folder permissions to read/write to C:\document and settings\(my profile). On a Mac, I would give him read/write to my home directory. (Of course I don't trust my coworkers that much so I'd put the files they need access to in a single shared folder and let them have at that)

Of course you need to be on a domain of sorts and/or have rights to modify permissions on the files and folders that you own.

If you don't have the permissions to do so (which means IT security doesn't trust you), then I suspect your IT security would beat you with a large 2 by 4 if they found out you gave your password to a coworker.

Re:

[srollyson]

Um... Not to side track. That is just a bad security practice. If you need to give your coworker rights to your computer, you give him rights to log into that work station with his name and password.

That's a good point. I'll admit, I've only done this once and I should probably be slapped for my laziness.

Re:More secure, less useful.

[Anonymous Coward]

Someone invented a third dimension a few years ago.

Re:

[forkazoo]

Um... Not to side track. That is just a bad security practice. If you need to give your coworker rights to your computer, you give him rights to log into that work station with his name and password.

I don't disagree that the OP was suggesting bad practice. But, whether you are giving them the password for your account or for their own, you still need to allow somebody a way to initially authenticate, so they can pick something of their own. How exactly do you say, "Hey bob, I've set up an account for you,

Re:

[diskis]

You are now assuming that the entire authentication process stays unchanged, and why would it with something completely new? How about an authentication server? Bob logs in on your computer. Your computer sends Bob's doodle to the authentication server which replies if it is Bob or not. Let Bob log in with his own doodle, associated with his account.
Thats not even a new technology, kerberos works kinda that way.

Re:

[forkazoo]

You are now assuming that the entire authentication process stays unchanged, and why would it with something completely new? How about an authentication server? Bob logs in on your computer. Your computer sends Bob's doodle to the authentication server which replies if it is Bob or not. Let Bob log in with his own doodle, associated with his account.
Thats not even a new technology, kerberos works kinda that way.

Yes, I've managed NIS and Windows domains, so I'm aware of the idea of an auth server. But, my q

Re:

[tgd]

The same way you do if you are doing biometric or prox authentication in a situation where there aren't usernames/passwords -- you enroll at an enrollment station with an alternate proof of identity (which could be an employee badge shown to a real person, a single-use PIN mailed to your house or a slew of other methods)

This isn't uncommon.

Re:

[complete loony]

And what specifically is on your workstation that is so vital to the company that you need your coworker to use your machine to have access to it? Why isn't it already reachable on the network and backup up remotely?

Re:

[JDHowells]

Do you hand your fingertip to your colleague when you go on vacation? As difficult as giving him your hand drawn password would be, it might still be easier than spending your time looking like you annoyed the Yakuza.

Re:

[corpsmoderne]

It's tough to imagine hand-drawn passwords becoming much more popular than USB fingerprint readers. True, they increase security over standard text passwords, but how am I supposed to give a throwaway password to a coworker so that he can use my machine while I'm on vacation?

When was the last time you let one of your fingers to a cowroker while you're on vacation?

Dupe

[damaki]

http://it.slashdot.org/article.pl?sid=07/11/01/2241246 [slashdot.org]
Nothing to see, move along.

Dupe as password!

[EmbeddedJanitor]

That wouldn't be sucure would it?

Not a dupe

[phaunt]

No, this is not a duplicate, but an improvement on the Draw A Secret technology discussed there, as is stated in the summary:

The people behind the new work have refined the technique by parsing the shapes with a flexible grid, and using existing images as a background to reinforce memory of the password.

This as opposed to the DAS technology, that uses a rigid grid and a user-drawn background image.

Re:

[damaki]

From the previous article :

By superimposing a background over the blank DAS grid, the Newcastle University researchers have created a system called BDAS: Background Draw a Secret. This helps users remember where they began the drawing they are using as a password and also leads to graphical passwords that are less predictable, longer and more complex.

Re:

[phaunt]

I stand corrected; I was under the impression that their background image was user-drawn, but in fact it wasn't.

However, in that article [ncl.ac.uk], there is no mention of a flexible grid; in this one [arstechnica.com], there is.

Re:

[failedlogic]

Let's remove the dupe tag. Replace it with Short-Term Memory.

Re:

[Anonymous Coward]

You should have attended a slashdot 10-year anniversary party. Lots of buttsex, believe you me. My asshole still hurts! We (Ann Arbor, Michigan) decided to make it a monthly event!

Myspace crackers would love this

[antifoidulus]

odds are the password of a 14 year old boy would be a spacegun, so that pretty much gives you control of half the accounts on there :P

Re:

[Aesir1984]

Spacegun? Having been a 14 year old boy at one point I can tell you it the password would be a picture of an attractive, scantily clad woman. Actually that would probably still apply today...

Re:Myspace crackers would love this

[tweak13]

odds are the password of a 14 year old boy would be a spacegun

Is that what the 14 year old kids are calling it these days?

Spacegun ? Start with lower complexity form

[aepervius]

Like star or heart or circle, or square. Ever wondered why mentalist magician act work so wonderfully when they ask the public to chose a shape ? That's because most people will always chose the same shape. I am not sure if you increase or decrease the security because the dictionary attack would be easier (a few form that many people would use) but the possibility for each form would be higher than a simple lower case/upper case...

People are forgetting something

[gilesjuk]

Firstly, passwords are used a lot on the web. Having a password system where you have to draw limits the use of websites when using a mobile device.

Secondly, if people can't see they can't easily use a system where you draw.

Other problems are what language or plugin do you use? flash, java?

You also have to store this information in a database in some form. These methods prevent brute force attacks but won't stop people using SQL injection and other exploits.

Re:

[damaki]

Secondly, if people can't see they can't easily use a system where you draw.

It does not seems to prevent captchas from popping everywhere, then it should not make a difference to deliberately ignore blind people some more.

Touch screen

[tepples]

Having a password system where you have to draw limits the use of websites when using a mobile device.

O RLY? Nintendo DS has a touch screen. Pocket PC and Windows Mobile Smartphone have a touch screen. Apple's iPhone has a touch screen.

Secondly, if people can't see they can't easily use a system where you draw.

Nor can they use the visual CAPTCHA next to it. Any business subject to the Section 508 requirements (or foreign counterparts) will install an alternative authentication mechanism and make it available to anybody who provides proof of disability.

Other problems are what language or plugin do you use? flash, java?

What about HTML 5 Canvas [whatwg.org] with a fallback to one of the above?

These methods prevent brute force attacks but won't stop people using SQL injection and other exploits.

SQL injection? What's that? Or are people still using plain old str

Re:

[westlake]

if people can't see they can't easily use a system where you draw.

it's a problem for those who have arthritis, Parkinson's Disease, and so on.

strong passwords are difficult to remember. complex procedures are difficult to repeat.

the more tolerant the drawing program becomes, the less likely it is to provide significantly more security than a fingerprint reader.

and a fingerprint reader doesn't have quite so naive and vulnerable as those demonstrated on Mythbusters

Re:

[ascendant]

You are looking at this from the wrong direction. I'm thinking the best place for this security measure would be a local setting. You could draw your pass on a PDA you own, or show it off as a cool way to get root on your new desktop linux. Anyway, I thought blind people can draw. And even if they can't, they wouldn't be looking for any PDA, now would they? They'd look for one tailored for blind people. Finally, if it's local, the language doesn't matter anymore. I thought it would be obvious this is

Get off my lawn!

[exploder]

Man, I'm tired of all these complicated new password schemes...my bank uses "security code", a "password", and an image, plus they ask you personal questions that half of us don't even have a definite answer to, such as, "what was your favorite candy as a child" or "what's your favorite vacation spot?" Even if I do remember the answer, I have to remember whether I capitalized, and exactly how I typed it. What a pain in the ass. I get locked out of my bank all the time.

God dammit, just let me pick a nice strong password. I can remember passwords.

Oblig. Penny Arcade

[xenocide2]

What is delicious [penny-arcade.com]?

Enforcement Policy

[LiquidCoooled]

You must change your graffiti drawing every 7 days and ensure you do not use the same sequence of circles squiggles strokes or triangles.
Your graffiti sketch also must be greater than a house and a tree in complexity and has to include accurate birds and sunshine bars.

Re:

[SEWilco]

"a graffiti-laden alteration of your favorite politicians campaign photo"

Mustache is not sufficient alteration. Please redraw your password.

pain in the..

[Anrego]

I have a hard enough time typing in my plain text password in the morning when I get into work through my one blood shot eye.

I think it would be a major pain in the ass to have to draw a picture every time I wanted to log into my computer.

Re:

[DarkIye]

...my one blood shot eye.

'Type in your password'? Why would a sheep farmer need to do that?

(Oh, god, I hope the moderators get this one.)

Not as secure, IMO

[rustalot42684]

What happens when the person next to you looks and sees what you're drawing? The advantage of text-based passwords is that you can have them as stars or whatever onscreen. And if the users are unwilling / too stupid to make secure passwords (with numbers/letters/symbols), a drawing isn't going to be fundamentally more secure anyways, it's just a gimmick.

Re:

[kc2keo]

I suppose in place of the starts while typing you could have it show maybe a bunch of tux penguins then if the pass validates against the right one then it logs you in... probably stupid thought but that is what I can think of at the moment.

huh?

[religious freak]

I still don't get how these things are supposed to work, really. So you can draw a picture of graffiti and that's your password?

What if I can't draw?
How can you obscure this while "entering your password"? Seems like it'd be a lot easier to see than what someone is doing on a keyboard.
How much is the extra hardware going to cost and would the business want to pay for it?
Why not just do fingerprint recognition?
etc, etc...

I'd say less secure

[Kabuthunk]

I can't see how it's more secure. I'm sure many, many passwords will just be some random part of the background, like the bird or a tree, just coloured in.

Also... if we're so much better at remembering images, then one just has to glance at the screen someone is drawing on and then whoops... looks like they remember it too now.

Re:

[PK077295]

Agreed, and I wonder how long is the average tine it takes to draw a graffiti, compared to typing 30 letters password... If it's pre-drawned and user need only choose, those brute forcers will be very happy. =/

Memorable?

[Bieeanda]

I don't know about anyone else, but even my signature tends to shift a bit every time I jot it down to take a delivery or acknowledge a credit card payment. Even something as simple as a circle is going to throw no-match errors, unless the system's got a lot of built-in leeway for curves and squiggles that aren't in precisely the right spot.

Re:

[westlake]

I don't know about anyone else, but even my signature tends to shift a bit every time I jot it down to take a delivery or acknowledge a credit card.

This is the classic way of detecting a forgery. If two signatures are identical, one has to be a tracing. Any kid who was reading The Hardy Boys or Nancy Drew in the 'thirties would have been exposed to the idea.

Re:

[jansenlu]

i share the same problem as well. it's hard to associate graffiti to something i can easily remember and repeat well.

Works for me.

[Ralph Spoilsport]

On one site, there's a picture of George Bush, I type ASSHOLE, and I'm in like flint.

Really easy to remember!

RS

Universal Access

[ddrichardson]

This system doesn't lend itself to those with visual impairment very well. In fact, having recently injured my right hand I have had difficulty writing, yet a fingerprint reader is still perfectly usable.

Done and Done

[Sir_Brysonic]

I just finished changing all of my passwords to "Graffiti". I'd better tell my friends to do the same!

Locked out

[Joebert]

The password to your porn collection is your porn collection ?

Brilliant !

Re:

[Joebert]

For the last time, Hillary Clinton is NOT a man !

Signature...

[aqsalter]

So a signature still remains the best way to individually identify someone?

Re:

[AgentSmith]

Graffiti, eh? In that vein, then the input device will be a virtual spray can.

Yo vato! I gunna login to my PC. Check it, my dope password!
*Pssht* *Pshhhhht* *Psssssssssssssssssssssssssssht*

Really.
Default passwords could be simple shapes likes circles and triangles.
No need to see a screen.

Complex and strong passwords are more complex drawings.
A touchpad sensor could sense that certain coordinates are contacted in a sequence.
Throw in a margin of error, so people aren't directly duping your password sketch.

Ano

Mouse ?

[garphik]

what would be the input device ? mouse ... if so most of the people will spend long time trying to log in.

Missing the point, people

[darealpat]

Most comments are missing the "point" made in the end of the article about mobile devices, which IMHO means that this "technology" is better suited for that type of device, NOT "regular" computer terminals. Perhaps not even ATM's at this time because shoulder surfers will probably remember your password easier too. For those who use mobile devices as an integral part of their job (accessing databases, records, etc.), this technology makes sense.

You mean something like This??.....

[darkonc]

Imagine having your password be a graffiti-laden alteration of your favorite politician[']s [flickr.com] campaign photo..."