Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Security Technology

Let Your Theme Song be Your Password 275

An anonymous reader writes "The latest proposed solution to the fact humans suck at using passwords properly is to let people use digital objects, like mp3s, photos or videos instead. A file is hashed into a unique, secure string that acts as the real password. A paper on the idea was put forward in a recent Usenix conference on hot topics in security, and a Firefox extension that implements the idea is available too."
This discussion has been archived. No new comments can be posted.

Let Your Theme Song be Your Password

Comments Filter:
  • Hmmm.. (Score:5, Funny)

    by seeker_1us ( 1203072 ) on Tuesday August 12, 2008 @05:25AM (#24565373)
    The latest RIAA claim...

    "Your honor, the defendant has a musical password which was not authorized by us! By using it on more than one computer, he has distributed it illegally. We demand $700,000 in damages."

    • Re:Hmmm.. (Score:4, Informative)

      by Kent Recal ( 714863 ) on Tuesday August 12, 2008 @07:07AM (#24565903)

      On a similar note: This futz about "the password problem" is getting really, really old.

      Firefox Password Hasher [mozilla.org] exists.
      And for everything else you can just drop a similar program onto your cellphone, PDA or whatever gadget you carry around with you.
      Yes, it's not "perfect" security but it's probably the best tradeoff between convenience and security that we'll see in a long while. It won't get much better as long as human brains are involved.

  • by Anonymous Coward on Tuesday August 12, 2008 @05:35AM (#24565417)

    If you can use an MP3 as a "password" you may as well just go the whole nine yards and use a damn key file.
    This is stupid and redundant.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      But no one knows what song out of my thousands I'm using, and I can remember it easily because it goes doo-dee-dah-dit-da like I like. Sure it's only security through obscurity but it's still an interesting idea.

      • Re: (Score:3, Insightful)

        by Cheesey ( 70139 )

        But no one knows what song out of my thousands I'm using,

        Maybe they would look at the access times to see what files you'd opened recently?

        • Re: (Score:3, Insightful)

          by jabithew ( 1340853 )

          Also, last.fm would go from being an entertaining and useful resource to a massive security hole.

          (I know you wouldn't play the song every time necessarily, but it would severely limit the number of songs which it could be and give you a pretty good way to weight attempts.)

          • by MrNaz ( 730548 ) on Tuesday August 12, 2008 @07:33AM (#24566077) Homepage

            Who needs last.fm? A dictionary attack involving every song released by the RIAA in the last decade would run into (at a wild guess) a few million. Hashing those into a dictionary would take a few days or perhaps weeks, and once done, would not have to be done again. My bet would be on about a month before the first distributions of song hash tables by a bunch of bored kids who know how to use md5sum and bash scripting.

            So dictionary attacks with a few million possibilities? This "security" development is worse than the use of real, un-obfuscated dictionary words.

            • by Tim C ( 15259 ) on Tuesday August 12, 2008 @07:54AM (#24566225)

              Except that you'd have to do that for all realistic bitrates and encoders, values of the id3 tags, etc - basically anything that would alter the hash of the file. I wouldn't be too concerned about that.

              What I would be concerned about however would be targeted attacks, with malware being distributed that scans the PC for suitable media files, produces the hashes, and sends them home along with some identifier for the user...

              • Re: (Score:3, Interesting)

                by VagaStorm ( 691999 )
                Um... what happens if I change the id3 tag for my song? I will never be able to access anything ever agen? Thanx, but I think I'll pass :p
            • by muffen ( 321442 ) on Tuesday August 12, 2008 @08:11AM (#24566347)

              Who needs last.fm? A dictionary attack involving every song released by the RIAA in the last decade would run into (at a wild guess) a few million. Hashing those into a dictionary would take a few days or perhaps weeks, and once done, would not have to be done again. My bet would be on about a month before the first distributions of song hash tables by a bunch of bored kids who know how to use md5sum and bash scripting.

              So dictionary attacks with a few million possibilities? This "security" development is worse than the use of real, un-obfuscated dictionary words.

              A few MILLION???? Havent you heard all the music lately, it all sounds the same... take a hash of one Britney Spears song and you just got them all... and NO, I will _not_ leave Britney alone.

            • by JamesP ( 688957 )

              And that is why God invented salts...

              Oh wait, sorry, it was Chuck Norris.

              Also, you can pick a non-RIAA song, or just use your cell phone recording of your friend KUI (K is for Karaoke) last night.

            • by neoform ( 551705 )

              Two things:

              1. You'd need to actually have all those mp3s

              2. Each mp3 would have to have matching ID3 tags, otherwise the hash will be completely different.

        • That's why I always mount my file systems with 'noatime'!

          (Well ok, I do it because I have a flash disk and don't want any unnecessary writes)

    • Re: (Score:3, Insightful)

      by 0xygen ( 595606 )

      Amen!

      It's just a keyfile without any of the cryptographic advantages.

      Once one site / attacker has the "password", ie the file hash, they all have it. Unlike public key crypto, where you get to keep your private key!

    • A 30+ character password containing mixed case and symbols works for me, why can't it work for anyone?

      (that was sarcasm btw, though that is my standard criteria for a password, when systems allow something that secure).

  • Stupid? (Score:4, Interesting)

    by EdIII ( 1114411 ) * on Tuesday August 12, 2008 @05:37AM (#24565427)

    Maybe I am just way off here, but it sounds like what they want to do is to create a unique hash ("secure string") from a file on your computer.

    Well that would seem to mean that you have to possess the file first. So how does that not reduce password complexity down several orders at minimum? I know I probably have 3 million files at least on my system right now, but that is far less permutations than a 20 character password with "unprintable" characters (above 128 in ascii).

    I just don't see how this is not easier to defeat than a strongly created password. Easier for the user, but not an increase in security.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      It increases security because it potentially increase the password complexity and render it immune from dictionnary attack.
      But using mp3 as a keyfile is, IMHO, dangerous: what if you re-tag your song ? Windows Media Player has a "feature" to update the tags automagicaly...

      • Re:Stupid? (Score:5, Insightful)

        by EdIII ( 1114411 ) * on Tuesday August 12, 2008 @06:09AM (#24565623)

        It increases security because it potentially increase the password complexity and render it immune from dictionnary attack.

        It actually does neither. Where you are mistaken is thinking the complexity lies with the created "secure string". It does not. If this unique hash were like a MD5 hash than the complexity of the hash is simply the range of characters raised to the power of 32, the length of a MD5 hash. MD5 is hexadecimal I think (off the top of my head here), so that would be 16 unique characters. So a MD5 hash has 16^32 permutations.

        The problem however, is that the complexity of this new password IS NOT 16^32, or whatever the permutations of the "secure string" really is. It's complexity is the number of unique files on your computer. Create a "secure string" from every file on the system and you now have your dictionary that you referred to. The difference between this dictionary and a traditional dictionary attack is that there is a GUARANTEE that at least ONE of the entries in the dictionary is the right one.

        Your observation about the tags though, is spot-on. Any changes to that file at all will render it useless as a password.

        • Re:Stupid? (Score:5, Funny)

          by CrazedWalrus ( 901897 ) on Tuesday August 12, 2008 @06:26AM (#24565709) Journal

          I have a fingerprint scanner on my computer which uses libpam-thinkfinger (IIRC) to log me into my desktop session. You'd think the complexity was all the possible permutations of the lines and ridges on my finger, but really, it's just 1 in 10.

          Well, it used to be 1 in 11, but I had that fixed. :-)

        • Re: (Score:3, Interesting)

          by Urkki ( 668283 )

          If this unique hash were like a MD5 hash than the complexity of the hash is simply the range of characters raised to the power of 32, the length of a MD5 hash. MD5 is hexadecimal I think (off the top of my head here), so that would be 16 unique characters. So a MD5 hash has 16^32 permutations.

          Just to clarify, MD5 itself is not "hexadecimal" or anything like that. MD5 sum is a string of 128 bits, not any string of characters (well, unless you call a bit a character). MD5 sum can be and usually is interpreted as a number between 0 and 340282366920938463463374607431768211455, and can be represented in any numeral system. In non-ASCII contexts it usually is in raw binary, and hexadecimal or base64 is often used when using printable characters.

          But really, it's a number, and can be represented in any

    • Re:Stupid? (Score:4, Interesting)

      by Swizec ( 978239 ) on Tuesday August 12, 2008 @05:53AM (#24565533) Homepage
      The problem is people DON'T use secure passwords at all. Not even geeks have the discipline to use good passwords for anything but servers.

      The idea with mp3s is, I think, that instead of typing in a password you point to an mp3 on your USB key. Now since practically no two mp3s are exactly the same it'd be very difficult for an attacker to first know what song you used and second to have the exact same (bitwise) version of the song. This is probably as safe as you can get without SSL certificates.
      • Re: (Score:3, Interesting)

        by EdIII ( 1114411 ) *

        The problem is people DON'T use secure passwords at all. Not even geeks have the discipline to use good passwords for anything but servers.

        I'll certainly agree to that. However, I must be a super geek since ALL of my passwords are a minimum of 20 characters, a mix of lower/upper case, contains numbers as well as letters, and quite often contains characters from the extended ascii keyset (i.e ALT+163). Something like YankeeBravo3293834CharlieVectorFive with the "unprintable" character between the numbers a

        • by Swizec ( 978239 )
          So the problem is really what sort of bias you're giving the user. If you tell them to use an mp3 there will be a lot of similar passwords out there, but if you tell them to use a video they recorded with their cellphone ... that's practically uncrackable.

          And I wouldn't use this for websites or whatnot, only to be used with OS logins imho where the attacker doesn't have access to your files if they don't have your USB key ... which they shouldn't have in the first place ... but most users aren't stupid eno
        • by ruin20 ( 1242396 )
          A while ago I wrote a linux script that took the domain of the webpage I was at and mixed it with a single strong password to produce individual passwords. I don't use it any more (I was forced to switch to windows for my MBA and work) but I thought it was a pretty nifty trick.

          The idea here that a user should pick one file is absurd, for the security purposes everyone mentioned. But if you made them choose two files then the game becomes a little different. Throw in the ability to pick mixing/hashing algo

        • Something like YankeeBravo3293834CharlieVectorFive with the "unprintable" character between the numbers and Charlie.

          Amazing, I have the same combination on my luggage.

      • The problem is people DON'T use secure passwords at all. Not even geeks have the discipline to use good passwords for anything but servers.

        That's largely true... But I fail to see how picking a song is really going to help much. Instead of remembering your password is "p@ssw0rd" you now remember that your password is "Head Like a Hole, by Nine Inch Nails" How is that any harder to guess? How is that any harder for someone else to discover? How is that any easier to remember?

        The idea with mp3s is, I think, that instead of typing in a password you point to an mp3 on your USB key. Now since practically no two mp3s are exactly the same it'd be very difficult for an attacker to first know what song you used and second to have the exact same (bitwise) version of the song. This is probably as safe as you can get without SSL certificates.

        If that's the case, why use an MP3 at all? You're basically changing the security from something you know (Head Like a Hole, by Nine Inch Nails) to something you have

    • Re: (Score:3, Insightful)

      by tgzuke ( 737692 )
      Though, if Mallory has the ability to hash every file on your computer, you probably have bigger problems than password security.
    • Re:Stupid? (Score:4, Funny)

      by MickLinux ( 579158 ) on Tuesday August 12, 2008 @07:24AM (#24566011) Journal

      Much more secure, and easier, is just to remember a few words from the theme song, and craft them into a password, substituting numbers as appropriate. There are many more variants this way, and you don't have to modify the password programs.

      Then you work through the song, verse by verse.

      As an example, I change my Slashdot password once a month to keep it secure. I'm in the middle of "Money ain't for nuthin", and my current password is based on "Custom Kitchens": two days ago, I modified it to be "ku5t0mK". In about another three weeks, I'll modify it to something based on "refrigerators". Each time I update my password, I have no problem remembering it; and there's almost zero chance that anyone will hack my Slashdot account.

      • by Sapphon ( 214287 )

        Why would anyone want to hack your Slashdot account? Are there people out there just clamouring for the geek credibility of a mid-6-digit UID?

        • Okay, the method is actually one I use. But *not* on slashdot, honestly. I'm not going to give real information. Tongue in cheek, though, I was also pointing out another security flaw... you tell people your password, they'll be able to access your account. Publish it on the web, and ... ... anyhow, it happened to have to do with the title of the thread (Re:Stupid?). It was a little joke stuck in what might be otherwise useful comment.

          Hopefully, the moderators will rate you and me down through

      • I modified it to be "ku5t0mK".

        OMG HELP MY MOUSE IS MOVING BY ITSELF!

        lame caps filter lame caps filter lame caps filter lame caps filter lame caps filter

  • by Keyper7 ( 1160079 ) on Tuesday August 12, 2008 @05:44AM (#24565459)

    There's no cure for user stupidity, so if users are encouraged to use songs as passwords there'll be lots of users that'll use their favorite song as their password even though they downloaded it from iTunes or an specific pirate group (i.e. lots of people can have the exact the same song with the exact same encoding) and announce to the world what is their favorite song in the social networking profile.

    Instead, users should be encouraged to record whatever rubbish with their microphones and use it instead. Stuff like ambient noise and voice tone would make such signature unique even if the user puts very little effort in it. Heck, it could be a record of a fart.

  • by lattyware ( 934246 ) <gareth@lattyware.co.uk> on Tuesday August 12, 2008 @05:47AM (#24565487) Homepage Journal
    TrueCrypt had an option like this. The best thing, in my opinion is to use a password and files. (Yes, multiple files).

    My favourite system was to set up a TrueCrypt volume with a hidden volume. You have two passwords, and a set of files on a CD. The normal volume is opened with a password and all the files on the CD. The hidden is with the passoword and a selection of the files (I called them 0-9 so it ended as a 'pin' of sorts).

    This means two things to know, and one to have, plus plausible deniablity, which isn't bad.
  • by millwall ( 622730 ) * on Tuesday August 12, 2008 @05:51AM (#24565519)
    Hmm, I wouldn't want to be the sysadmin to recover a lost goatse "password picture"!
  • by abecede ( 1097981 ) on Tuesday August 12, 2008 @05:53AM (#24565531)

    Think about one of your favourite songs, poems (e.g. "Hey Jude" by The Beatles)
    Now take the first letters of the refrain or the first verse (e.g. "Hey Jude, don't make it bad") and you get "HJdmib"
    If you like, translate it a little bit into "l33t speak": HJdm1b
    And you have a great password that you can remember easily.

    EDUCATE your users!

    • Re: (Score:3, Informative)

      by shilly ( 142940 )

      You might give credit where credit is due:

      http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-500.pdf [cam.ac.uk]

    • by Minwee ( 522556 )
      That's brilliant. I'm sure that no hacker in the world has ever even heard of 'l33t speak', let alone considered that you might be using it in a password.
  • by silentcoder ( 1241496 ) on Tuesday August 12, 2008 @05:59AM (#24565575)

    All security needs some way to identify a person to a computer, which should be as hard as possible to fake. Biometrics rely on unique (but not unfakeable) biological traits of a person, passwords rely on knowledge which hopefully nobody else has - they however rely on custom hardware to get this biological data (e.g. fingerprint scanners) - which makes them wholly unsuitable for the web.

    One possible replacement for passwords is security keys, which now relies on not letting anybody else get access to a certain file. The fact that those, by themselves, are not secure enough (as getting a file once now opens up the whole world it's used on) is why most key-based authentication systems allow you to protect the key itself with a passphrase. It can still be more secure as you can prevent the servers from accepting passwords so they cannot be so easily brute-forced but if somebody gets the keyfile, bruteforcing the passphrase is perhaps even EASIER as he can do it on his own machine where it cannot be logged by the target.

    Replacing the key with a picture or a sound file won't help much - unless you can protect access to the file... which leaves you right back where you started. Even if you just send a hash based on it (so it cannot be ripped from a server) anybody who gets the file (and knows what file to get) has all your access.
    And now... there isn't even a pass phrase to protect it.

    The fundamental problem of all security remains - the identifying information needs to be limited to a single person. Whether that is something in his head you try to stop others from guessing or brute-forcing, or something about his body or a file on his computer - there is still no real way to make sure it cannot be faked.

    You could come up with a billion variations on the theme. KDE has the option to lock the screen if a bluetooth device is out of range, and unlock it if it comes back into range (I'm sure other desktops/OS's have similar tools) - now you rely on an object (like a cellphone) being owned by a certain user and hard to get without that person noticing - but you're back to why we don't use fingerprint scans to log onto websites. Users need trusted hardware for it to work (trusted by the service provider I mean) - the only way to prevent any old scanner with a picture of somebody's thumb (and who has never taken one of those by accident ?) - that are not common and are expensive. Even if you could make it trusted, when you cannot see the user, you cannot be sure his hardware isn't compromised. Even if you lock the hardware with a secret key (DRM style) you still cannot prevent it being fooled with a picture of somebody's thumb (and who hasn't taken a few of those by accident over the years ?)

    Ultimately, we won't really have better security until we crack the problem of identifying a person who is somewhere else. Even the most draconian approaches won't work, if you require a webcam stream of the person - that won't be impossible to fake either, in fact since nobody could monitor all of them, all of the time, moving the cam or sending back a recording will be ridiculously easy.

    In short this is just another attempt to come up with a better kind of keyfile - and frankly, it's not even as good as the ones we have - and nobody has really grokked a better way to solve the identity of a distant person problem yet.

  • It's an interesting idea, but what happens when you lose the file? Basically you are up the proverbial creek with no way back.

    Suggesting you can get the file back off some p2p network is misleading. You have no guarantee that the file is exactly the same as the copy you had. So you are limited to files that you alone have. If you are careless with backups, or unthinkingly resample your MP3 or photo, then say goodbye to your unique hash.

    It's all possible, but users of it would really need to get in the

    • It's an interesting idea, but what happens when you lose the file? Basically you are up the proverbial creek with no way back.

      I don't think that's necessarily a show stopper. All systems have ways of resetting the password. For companies, the corporate helpdesk can set it to a known value and have the user change it at next login. For your linux desktop, just boot up with the S kernel option.

      People lose/forget passwords all the time. Helpdesks have dedicated call queues just for that occasion.

  • by TeknoHog ( 164938 ) on Tuesday August 12, 2008 @06:02AM (#24565593) Homepage Journal
    I think I'll use Sting's "Let Your Soul be Your Pilot", with slightly altered lyrics.
    • Re: (Score:3, Funny)

      by MoreDruid ( 584251 )
      heh... I wonder how many people will just record "My voice is my password" just so they can sound like in the movies...
      • Re: (Score:3, Funny)

        by GregNorc ( 801858 )

        Actually the line was "My voice is my passport." in Sneakers.

        Turn in your robe and wizard hat. You have been dismissed from the geek squad.

  • What a stupid idea (Score:3, Informative)

    by the_olo ( 160789 ) on Tuesday August 12, 2008 @06:05AM (#24565599) Homepage

    In practical scenarios, this idea actually reduces key space needed to be searched in comparison to passwords. Why the users clueless enough to not handle passwords properly would handle music-based passwords better?

    And you don't have to use your Facebook profile's picture to be obvious. I bet that majority of passwords will be Eminem or Rihanna [mp3.com] MP3 clips downloaded from some p2p networks (most people don't even know how to produce and compress their own sound file); there are also certain songs that are significantly more popular from others. So there will be lots of identical passwords that are easy to guess.

    A good password should be as random as possible. This is far from random. You get all sorts of hints from the public information about global music market and the password data is based on publicly available audio data. In addition, if you know your victim, you can even make more correct guesses as to what songs did that person choose.

    • Re: (Score:3, Insightful)

      by pmontra ( 738736 )

      I think you're right. An attacker would just keep downloading music and video files from torrents to update a database of common hash values and use it for dictionary based attacks.

      If one wants to create a really secure hash he should just use a file containing random data. But isn't easier to create a random password instead?

      So this proposal looked good but it shouldn't have passed the brainstorming phase.

    • A good password should be as random as possible. This is far from random. You get all sorts of hints from the public information about global music market and the password data is based on publicly available audio data. In addition, if you know your victim, you can even make more correct guesses as to what songs did that person choose.

      Exactly. All someone would have to do is look at my last.fm profile to get a pretty good idea of the stuff I listen to. Or, barring that, see what CDs I've got lying around my house. Even just paying attention to what radio station somebody typically listens to would give you a pretty good hint.

  • by Plantain ( 1207762 ) on Tuesday August 12, 2008 @06:39AM (#24565781)

    Something tells me a significant portion of the people who'll ever use this will pick "White and Nerdy" by Weird Al' as their theme song... which would kind of invalidate the whole system :>

  • Every one of us would choose William Shatner's, "Lucy In The Sky With Diamonds".

    • by repvik ( 96666 )

      Yours is the fourth claim of "Every one of us would choose"...
      Rick Astley - ...
      William Shatner - LSD
      Happy Days themesong
      Weird Al - White and Nerdy.

      Any more obvious songs?

  • Maybe I'm missing something, but how can a file-based password -- being an object that actually exists on your computer (thus accessible to anyone with physical access to your computer EVEN FOR A FEW MOMENTS) -- be MORE secure(?!) than something that does NOT actually exist anywhere but in your mind only?

    Consider:

    1. many people access their bank accounts, their PayPal accounts, etc, using their computer.

    2. only static (unchanging) files can be used for passwords. This means no
  • rickroll (Score:3, Funny)

    by n3tcat ( 664243 ) on Tuesday August 12, 2008 @07:51AM (#24566211) Homepage
    I'll just use "Never gonna give you up" by Rick Astley. I'm sure everyone's forgotten that song by now, right?
  • Really Bad Idea (Score:3, Insightful)

    by Bandman ( 86149 ) <bandmanNO@SPAMgmail.com> on Tuesday August 12, 2008 @08:06AM (#24566313) Homepage

    There are so many reasons this is a horrible idea...

    Aside from all the normal vulnerabilities to phishing and such, first and foremost, a good authentication system requires 3 things, something you know (a password), something you have (an ident card), and with today's technology, something you are (biometric scan). Since everyone doesn't have an iris scanner on their laptops yet, we typically settle for the first two (though fingerprint scanners on laptops are becoming ubiquitous).

    This proposal takes away the something that you know, leaving only the something that you have. It makes it essentially the same as key based authentication for ssh. It's secure, but I don't distribute my laptop's keys for a reason. If it gets stolen, your private key is compromised and you scramble to pick up the pieces. If it was used more frequently, and from multiple physical locations, that increases the likelihood of it being compromised since it's always got to be with you

    I'm really fond of some of the two way authentication systems that some banks are using now. My bank is pretty lame, it just shows me a picture with some text that I've selected beforehand. I've read online where other banks will actually send an sms to your cell phone, and you have to enter that SMS to log in. The poor man's RSA token, if you will.

    • by T.E.D. ( 34228 )

      Aside from all the normal vulnerabilities to phishing and such, first and foremost, a good authentication system requires 3 things, something you know (a password), something you have (an ident card), and with today's technology, something you are (biometric scan).

      Isn't that really just something you know and *two* things you have (an ident card and your retinas or fingers)? Someone sufficiently motivated can take them. I've seen it in the movies, so it must be true. :-)

  • by SaberTaylor ( 150915 ) on Tuesday August 12, 2008 @08:07AM (#24566319) Homepage Journal

    The solution to authentication is something like the IronKey (a hardened USB drive for storing passwords) but with asymmetric crypto.

    So you would go to Gmail, gmail would send a challenge that goes to the browser. A library on your browser would send the challenge to the USB device. The USB device would respond by signing the challenge asymmetrically, and that signature would route back through the browser to Gmail. Then you have 1 authenticated session until you destroy it. For sake of convenience imagine the implementation as using PGP -- public key, private key. Gmail has the public key, your USB device has the private key.

    This is great since you could read your webmail on a friend's computer, or post Slashdot comments without leaving behind a persistent authentication token (barring a fake logout screen). Or there could be a keylogger on your home computer but it wouldn't be able to scrape persistent passwords and pass those on.

    The only reason that humans don't use asymmetric security is that we're too stupid. Otherwise if we wanted high security we would be looking at screens of cyphertext and reversing the one-way function (a^b=c) in our heads. Given that we're too dumb, why not do not put our authenticator on a device that goes on a keychain with our other keys? (And you could make a backup just like with your other keys.)

    I can't wait until /. posts the next stupid idea for replacing passwords (my favorite ice cream is LBtHrbjCi) so that I can copy-paste this comment again until I get early enough for +5.

    • Re: (Score:3, Interesting)

      The solution to authentication is something like the IronKey (a hardened USB drive for storing passwords) but with asymmetric crypto.

      That's a good start, but there are still a couple of holes to work around. For example, you can't trust the local terminal; in your example it isn't even your system, and even if it was it may be compromised in some way. The authenticated session allows the computer, not just the user, to e.g. send mail, or change settings, or access any mail in the account (not just the ones

  • by Missing_dc ( 1074809 ) on Tuesday August 12, 2008 @08:12AM (#24566351)

    What was that Jiminy-Cricket??

    "Let Your Theme Song be Your Password, and Always Let Your Conscience Be Your Guide"

  • not using files, but I do use music to create passwords...or at least pw that I want to be very secure.

    I use guitar chords, pick a phrase from a song, and make the chord name/fingering the password.

    ex: E022100A*02220D**0232
    *=a string you don't hit. Use any special char for it.

    can be as long as you feel like typing and it's easy to remember (if you play guitar, would work for just about any other instrument I would imagine)
    • And now you have an incredibly easy to brute-force password, provided they know what kind of scheme you use.

      You want to mix capitalization for sure, and you need to find a way to use more alphabet than just a-g. You definitely want to delimit things with symbols too, just enough variety to make it hard to brute force.

  • Half the nerds and geeks I know would have the same sound as their login sound. The Imperial march from Starwars (vader's theme).
  • Even though this method doesn't really create terribly secure passwords, I imagine this is a large step up for most users. If you have 100,000 files in your computer and one was chosen at random (at random meaning NOT by a human being), that makes your password worth about as much as a 16 bit key. This is less than a 3 character randomly generated password.

    If you want a strong password jammed into a tiny space (6 to 8 characters), generating one randomly -- from /dev/random or some other reliable source o

  • My voice is my passport. Verify me.

"If you can, help others. If you can't, at least don't hurt others." -- the Dalai Lama

Working...