Forgot your password?
typodupeerror
Security

Using Images as Passwords 268

Posted by CmdrTaco
from the please-select-15-images dept.
TekkenLaw writes "According to this news on Reuters, MS is looking at images rather than plain old text for enhancing security. The key - images, which tend to make more of an impression on people than strings of text characters. This is especially interesting in context of the crappy passwords story that ran on Slashdot that ran few days back." So when you call support to get your lost password, will they ask you what your mothers maiden hair color was?
This discussion has been archived. No new comments can be posted.

Using Images as Passwords

Comments Filter:
  • thumb (Score:4, Interesting)

    by zephc (225327) on Saturday March 23, 2002 @12:56PM (#3213031)
    a friend of mine has a cool USB device that reads his thumb print, and he uses that to unlock his Windoze box.
    • Re:thumb (Score:5, Funny)

      by Phosphor3k (542747) on Saturday March 23, 2002 @01:10PM (#3213095)
      It will be pretty cool when I cut off his thumb to get into his box. Or cheese grate his thumbs so he cant get in.
      • Yeah.. or someone simply records the data sequence the device sends the computer and replays it.

        Phones send tones which represent coins. For some reason it took a long time for designers to turn off the mic until the phone had dialed and the call paid for :)

        15 locks on the door doesn't close an open window.
  • a string of characters as a password how am I going to remember exactly which points and which sequence of points/graphics to click???

    I don't get it - call me flummoxed.
    • MS passed on the Idea of Gesture Based Passwords.

      Even they realized that most people would likely have some variatin on one favorite gesture to use with MS software.

      And complex gestures would begin to resemble an arcane and ancient magic ritual. (which is an idea for a sf story someplace)

  • for pr0n site access ;-)
  • AfterDark (Score:3, Interesting)

    by mlknowle (175506) on Saturday March 23, 2002 @01:00PM (#3213055) Homepage Journal
    AfterDark for Mac OS used to have a feature like this; you could select an image, and you would have to click on a certain part of it, optionally holding down a control-key combo, to unlock the screen saver, rather than type a password.
  • Eyes, nose, mouth (Score:5, Insightful)

    by Anonymous Coward on Saturday March 23, 2002 @01:01PM (#3213058)
    Can you guess which points a typical person would click on that image of a face? That's right - Eye, eye, nostril, mouth.

    People don't select lousy passwords ONLY because they are lazy. They also select them because they don't think there is a credible threat to their accounts. They don't BELIEVE in hackers who would target them.

    Without an increase in paranoia among average people, I don't see how a user-selected secret will ever provide security.
    • by andyh1978 (173377) on Saturday March 23, 2002 @02:01PM (#3213270) Homepage
      Can you guess which points a typical person would click on that image of a face? That's right - Eye, eye, nostril, mouth.
      user@server:~$ passwd
      Changing password for user
      Old password:
      click click click
      New password: click click click
      Bad password, too simple. Try again.
      Password must be at least 5 pictures long, and include one body part, one mammal and one reptile.
      New password:
  • Interesting, but.. (Score:2, Interesting)

    by zapfie (560589)
    Novel idea, but I can see a lot of practical problems arising. For example, how do you determine how much room for error there is in clicking on certain parts of an image? Someone might choose to click on the sky, then a boat for their password. Will positions be based on something like +-5 pixels from where you originally clicked, or something smarter like using a magic-wand kind of algorithm? Also, what about people who are blind, or visually impaired? How will people sitting down at a computer figure this system out when they are presented with a picture? If you wish to share your password with someone remotely, how do you do it? (e.g. your mom forgets the password to the family computer and calls you up). Don't get me wrong, it's a novel idea, but I can see a lot of issues coming out of this.
  • by qslack (239825) <qslack@NOSpAM.pobox.com> on Saturday March 23, 2002 @01:02PM (#3213062) Homepage Journal
    Welcome to Microsoft Windows .NET 2005

    In order to log in, please choose the One who you will truly worship, for He is the Supreme leader.

    [ LINUS TORVALDS ] [ BILL GATES ] [ ROB MALDA ] [ LARRY WALL ]

    Note: According to the EULA you agreed to unknowingly, choosing the wrong password could result in death and/or excommunication.
  • The future (Score:3, Funny)

    by wrinkledshirt (228541) on Saturday March 23, 2002 @01:02PM (#3213065) Homepage
    "Thank you for participating in the required MS Passport sign-up verification to get your latest reinstall of XP2005 to work. We're sorry, but the image of a closed fist lifting the middle finger has already been taken. Others you may want to consider: You lifting your middle finger while wearing gloves; you lifting your middle finger while wearing a Cracker Jack ring..."
  • Dumbed-down (Score:4, Interesting)

    by zecg (521666) on Saturday March 23, 2002 @01:03PM (#3213066)
    From the news story: "Even with such a system, people would still be susceptible to "shoulder surfing," in which someone watches a computer user type in their password."

    Users would have to be fools to "click" their password unless they are positively alone in the room. The current standard at least has masked text on screen, and the order of keys on the keyboard is VERY difficult to track even when the user is moderately good at typing.

    Let's not forget that in the case of the new photo passwords, with 50% of users you would only have to know the "Lenny Bruce sequence" in their Playboy passphotos: T'n'A

    ~zecg.
    • A "keylogger" type app would be easy enough to write, as well. Just capture the X-Ys of mouse clicks. Feed that file back through the password protected program/site/etc, and viola, instant access.

      Why this will be more secure, I'm at a loss for. More convenient for the intellectually-challanged, perhaps, but as Microsoft so aptly demonstrates, higher convenience means lower security.
    • Users would have to be fools to "click" their password unless they are positively alone in the room. The current standard at least has masked text on screen, and the order of keys on the keyboard is VERY difficult to track even when the user is moderately good at typing.

      On the flip side of things, it's very hard to use a sniffer on a visual password, especially if the password screen is smart enough to move the location of the images around on the screen.

      With regular passwords, install a keyboard sniffer, and you're in.
    • "Users would have to be fools to "click" their password unless they are positively alone in the room. The current standard at least has masked text on screen"

      So we just make the mouse pointer temporarily invisible. Problem solved. ;)

      graspee

  • by maggard (5579) <michael@michaelmaggard.com> on Saturday March 23, 2002 @01:03PM (#3213071) Homepage Journal
    Great, legions of office workers poking the their boss's eyes out to log in every morning, doubtlessly from left to right.

    Next up will be the "Tapping System" where folks will rap out "Haircut & A Shave" on their desk to log in.

    What other quirks of human nature will next be put to use trying to identify folks? The "Mictation Flex Rate"? The "Eyebrow Lift/Tongue Roll"? How about the "Tell the Same Stupid Joke" one; I've had co-workers who've been able to do those hundreds of times over & over without a single variation.

    Or just teach folks how to use good paswords, put in some really good acceptance tests, and make it clear that if security is compromised by their poor password choice they'll be held responsable, same as leaving the door to the safe open.

    Nahhh, there's gotta be a technolgy fix...

    • Re:The Hard Way (Score:2, Insightful)

      by ptbrown (79745)
      So long as there is money to be made in selling technology, people will continue to sell technological solutions to social problems.

      ... of course, there is no technological solution to a social problem. This is the fallacy in anti-piracy, censorship, political correctness, etc.
  • by 1984 (56406) on Saturday March 23, 2002 @01:03PM (#3213074)
    This is kindof interesting. A couple of things spring immediately to mind.

    First, presentation of the image will (may) vary in different situations. The visual presentation of a password is pretty irrelevant: as long as you can understand and input the right symbols the font, colour size etc. in which they are presented isn't relevant. On the other hand an image must look substantially like the crib image. Sounds obvious, but consider differences in resolution, colour depth etc. You can divide the image into regions (a grid, perhaps) but ultimately there will be a limit to the resolution of the grid that you can rely on (not to mention input errors limiting the viable grid resolution.) To get more possible regions, you'd need a plain bigger image to get around the input resolution issue. All of which complicates the implementation (of course, you could break each image down semantically somehow, but that sounds like a further adventure altogether.)

    And, after all that, prople may turn out to have pattern preferences that are "as crappy" as poorly chosen passwords? Always use a photo of your daughter and click on both eyes and outline her cute smile? Ooops. Use your country flag and click where regions of colour meet?

  • Then the government can check to see where you like clicking pictures.

    Did you use the Iraqi flag as your password?

    Are you clicking on suggestive areas of that picutre of Natalie Portman?

    I much prefer just having a city-wide network of surveillance cameras to verify my identity at all times.(/sarcasm)

    Read Lostbrain's Oscar Predicitions! [lostbrain.com]

    tcd004
  • by Scratch-O-Matic (245992) on Saturday March 23, 2002 @01:16PM (#3213111)
    a keyboard. It would be easy to remember where to click, because I could remember it as a string of alphanumeric characters. I think this technology has promise.
    • a keyboard

      Actually that would be pretty cool, and I'd be particularly secure. I'd probably click in between the keys just because I can :)

      -
  • MS figured out that it can gather more than just boring ol' text information... It can gather images or sounds, or almost anything.

    How about DNA security, where you sign your contract in blood!!!???

    Why does that sound familiar?
  • Check me (Score:4, Interesting)

    by blixel (158224) on Saturday March 23, 2002 @01:29PM (#3213141)
    If an image is 1280x1024 and is sensative to a 10x10 pixel area, that gives the user a grid of 128x102 to click in. A total of 13,056 clickable squares. If the user's password was 5 clicks long, that would give them 379,359,275,350,832,971,776 possible passwords. Is my math correct?
  • I'll use (Score:4, Funny)

    by segfault7375 (135849) on Saturday March 23, 2002 @01:29PM (#3213142)

    I'll use that guy from goat.cx... That'll keep people out of my computer :)
  • Stupid idea (Score:2, Insightful)

    by Pedrito (94783)
    So now you have to remember the order in which you click on an image? Maybe that's easier for some people, but certainly not for me. I have one password that I've used for the past 15 years or so. It's 8 characters (9 if I need to mix numbers with it), and it appears completely random.

    I've been using it for 15 years an nobody has ever hacked it. All you have to do is have one of these and remember it. Almost anyone can remember a single 8-10 digit password, if that's all they use. Just make one and stick with it. Maybe you'll need to change it every couple of years, but even so, once you have it down, it's pretty easy to remember.

    Is it hack-proof? Of course not. Not even close, but for most applications where a password is needed, it's more than sufficient. I doubt anyone will take the time to try to hack my hotmail account when there are so many that can easily be dictionary attacked. I'll always be the last one someone tries to hack because it will take too long to hack mine, compared to most.

    Just my personal opinion. Obviously for some things, you simply need real encryption, but for most online stuff, a single 8 character/digit password is fine.
    • I think most people use one or a set of very few passwords, as well as usernames. It's inevitable, but has it's problems.

      I'm sure If the Slashdot crew wanted to, they could use the usernames and passwords from here to log in to thousands of peoples Ebay, Amazon and Paypal accounts. Anyone that puts up a site that requires a username and a password could do the same.
    • For some odd reason, the only "random" alphanumeric character strings I can remember are things like the serial number of a bicycle that went to the dump some 30 years ago. So it's become a password. I guess if someone wants to go to the trouble of locating and digging up the bicycle, they can crack it. :)

  • "This is especially interesting in context of the crappy passwords story that ran on Slashdot that ran few days back."

    And it is even more interesting in context of the the the using images as passwords story that ran on Slashdot [slashdot.org] that ran [sic] a few days back. :)
  • Pictoral Passwords [slashdot.org] (using abstract art)

    (It isn't karma whoring when you're already at 50.)
  • by aralin (107264) on Saturday March 23, 2002 @01:36PM (#3213167)
    Well, I've got this idea quite a few years ago, but honestly, did you ever try to login with someone watching? And its much easier to watch the monitor than your keyboard. And at least I can type my twenty something passwords reallllly fast and have some intentional typos in them, but - man - how can you click on pictures without someone seeing the pointer moving over the right pictures....

  • I've seen something like that. You could coose an image (the more complicate, the better) and define some points, which you have to remember. To login, you have to click the points you selected before, with more or less accuracy in a predefined order.
  • Monkey, Sheep, Sheep, Monkey, HORSE. you HAVE to remember horse! Because if you don't.... You'll have to click on all the images! or... or could just click clippy for help. . .
  • Lotus Note on the Mac (I've never seen or used the Windows version) has a little something kinda like this in their password dialog.

    As you type in your password, small images in a 2 x 2 layout change according to what you've typed. Even though the password text is bulleted out, you eventually come to recognize the 'correct' four images and know when you've misyped your password before hitting Enter. IMHO, this is the best feature of Notes, which otherwise sucks-- Lotus might not have been the first to use this idea, but it's the first place I've seen it.

    And now I'd like to complain about the increasing retard-ification of our society. How can people be unable to choose a few non-obvious passwords (hell, just some random sequences of alphanumeric characters will do) and remember them with a mnemonic device? Why must we create an authentication system geared to the stupid so they can easily exist among us? Maybe they'd smarten up if they chose "password" as their password and had their checking account cleaned out for the third time as a result.

    Of course, I should have seen this coming when McDonald's started using cash registers that had photos of the food on the keys and spit out the customers' change automatically, without the operator having to overtax his/her brain thinking about how a quarter, a dime, a nickel and three pennies have to combine forces to make 43 cents.

    ~Philly

    • IMHO, this is the best feature of Notes

      Yep, and they're getting rid of it... I'm too lazy to look for the link right now, but it's true.

      -Russ
    • this feature serves another good purpose. if someone was to fake Notes login dialog to snatch your password, it would be nearly impossible to correctly imitate those images, beacuse the sequence they appear is generated using a crypto-strength algorythm.
    • And now I'd like to complain about the increasing retard-ification of our society. How can people be unable to choose a few non-obvious passwords (hell, just some random sequences of alphanumeric characters will do) and remember them with a mnemonic device? Why must we create an authentication system geared to the stupid so they can easily exist among us? Maybe they'd smarten up if they chose "password" as their password and had their checking account cleaned out for the third time as a result.

      You could make a much more general point out of this. There used to be a mechanism called natural selection, to ensure that only the most able would survive. By luser-friendly technologies we are in fact driving the mankind into a de-evolution.

      By the way, the reason there are so many geeks around is an interesting case of natural selection. When the more athletic of cavemen went for a hunt, they ordered the more skinny ones to guard the cave and the women and children inside. Well, while the thugs were out there killing innocent animals, us geeks made it sure that we'd become Homo Sapiens, not Homo Athleticus.

    • And now I'd like to complain about the increasing retard-ification of our society. How can people be unable to choose a few non-obvious passwords (hell, just some random sequences of alphanumeric characters will do) and remember them with a mnemonic device?

      I assume you're referring to my secretary, who seems to believe that the little light at the top of the keyboard (the one with the words "CAPS LOCK" next to it) is the power light for the keyboard. The one who didn't understand why I wouldn't give her an Administrator account, since her job includes administering some of our (expense) accounts. (She pouted for two days over that one.) The one who refuses to log out of her machine at night, because she likes coming in to work and having her computer ready for her? (Note, that point applies to many of my co-workers.) The one who made me turn off the 30-day password cycling, because she didn't want to remember "all those passwords."

      The real problem here is that these people don't see the need for security. They think of computers as fancy toys, and maybe something to write letters. "Big deal--you don't need security for that. I don't care if somebody reads my letter to my brother, or plays my games." While that may be fine at home, I'd really rather people not get into our financial accounts, or our grade records (I work at a university). "Well, who would want to?" Well, for starters, any student who has a grade on that system. Anybody who'd like a little extra cash, from our pockets.

      The real problem isn't that they can't use a decent password, it's that they don't want to, because they don't see the threat. Until this changes, nothing will change.

    • And now I'd like to complain about the increasing retard-ification of our society. How can people be unable to choose a few non-obvious passwords (hell, just some random sequences of alphanumeric characters will do) and remember them with a mnemonic device? Why must we create an authentication system geared to the stupid so they can easily exist among us? Maybe they'd smarten up if they chose "password" as their password and had their checking account cleaned out for the third time as a result.

      You sound just like my father when he heard they allowed us to use calculators in school. In his day there were no calculators allowed. You did everything in your head. In engineering school he used log tables.

      I think he was wrong and so are you. We used scientific calculators in engineering school instead of log tables. I was learning structural mechanics and complex differential equations instead of the most efficient way to add or multiply numbers on paper. I don't consider myself any stupider for that. Whether or not I knew how to multiply two 7 digit numbers was immaterial to whether or not I knew how to compute the stress on a truss. (Yes, I do know how to use a log table efficiently but that hasn't helped me once in the last 10 years)

      Machines serve a purpose - they perform the mundane and boring tasks freeing humans to achieve higher goals.

      There is nothing wrong with making it easier for someone to work the cash registers. There's nothing wrong with shortening the learning curve by putting pictures of the items on the buttons. There's nothing wrong with speeding up the job by not making the clerks have to calculate the change. There's nothing wrong with reducing the risk of errors by spitting the change out automatically.

      Just because you can do something without a machine doesn't mean it's stupid to use a machine to do it. I imagine our ancestors who spent days chopping down a single tree probably thought we were lazy for using a chainsaw instead. I imagine their ancestors before them thought they were lazy because they used bicycles to get to work instead of walking uphill in the snow.
      • There is nothing wrong with making it easier for someone to work the cash registers. There's nothing wrong with shortening the learning curve by putting pictures of the items on the buttons. There's nothing wrong with speeding up the job by not making the clerks have to calculate the change. There's nothing wrong with reducing the risk of errors by spitting the change out automatically.

        But there is something wrong with becoming dependent on machines to do simple tasks like making change, which is all to often the case. That's why your father is right and you are wrong.

        Now, using a calculator in engineering school is fine. If you've made it to engineering school you know the math already and you're just learning applications. You don't have time to mess around with log tables. Hell, I failed a statics test because my calculator died and I simply didn't have time to work out the problems without it. Talk about a crappy way to fail a test!

        On the other hand, the fact that my 12 year old brother is allowed (encouraged, even) to use a calculator in class makes me sick. He's supposed to be learning math, but instead he's just learning to punch a sequence of buttons that will hopefully give him the correct answer (assuming, of course, that he's using the same brand of calculator that he was taught in school). There is absolutely no reason that kids learning how to reduce fractions should be allowed to use calculators. He's fortunate that our dad is as much of a hardass as yours probably is and doesn't let him use one on his homework. (My brother disagrees on this point of course, but he'll also be a step ahead of his classmates who aren't so lucky.)

        Remember the term Garbage In, Garbage Out? How do you know you're getting garbage if you don't know the math well enough to know what to expect? Why would you even think to question the results when you've been taught to trust the calculator since the 3rd grade? Is that really how we want to teach our future engineers?

  • by bartman (9863) on Saturday March 23, 2002 @01:49PM (#3213219) Homepage Journal
    Not surprising that MS would come up with this knowing their track record with security...

    Consider anyone standing behing you while you select the appropriate login. They are bound to see the images you are selecting as your login much more clearly then the key combination you would have typed.
  • by merlyn (9918) on Saturday March 23, 2002 @01:51PM (#3213226) Homepage Journal
    As I said in a previous thread two months back:
    People are visually oriented, so remembering pictures is easy, especially compared to a mess of uppercase, lowercase and symbols.
    Uh, some people. I'd have to name each picture to remember it, and then remember the names. I'm a part of the 5% of the population that doesn't deal well with picture recall, and a particularly bad case of that. Let's hope this system is never mandatory for any system I have to use. It's bad enough for icons without tooltips.
  • Reuters: "We're sorry, but your browser is not compatible with our site."

    Oh well, it's not like we haven't seen this before [slashdot.org]

  • Ok guys, here's how you can use the power of visual identification and still have a cryptographically secure system. All of this and it's implementable RIGHT NOW with current tools on a standard linux distro.

    1. Take a directory full of images, it doesn't matter if they are .pngs, .jpgs, a mix of verious types or whatnot. All that matters is there's quite a few of them on the machine. I'm going to use the /usr/kde/2/share/icons/hicolor/48x48/ directory. This directory contains 5 subdirectories with a total of :
    find . -name '*.png' | wc -l
    297

    pictures. Given this, we can do som basic combinatorics (permutations of these standard pictures) for any value of 297 choose n. Using the permutation of (297 3) gives us 25,934,040 possiblilties (remember the order of choosing pictures is unique). It gets even nicer at 4 (7,624,607,760). Why am I bothering with this? Let me show you a snippet of python code:

    # requires python 2.x
    import sha,sys
    print sha.new(sys.stdin.read()).hexdigest()

    This little beauty will compute the hex-digest of the Secure hashing algorithm (http://csrc.nist.gov/publications/fips/fips180-1/ fip180-1.txt)
    .

    All you have to do to use this program is the following:

    $ cat apps/kedit.png filesystems/zip.png mimetypes/widget_doc.png | hex_sha.py
    066686143327A8A582E5F5333A98D6C3F14263 24

    or, if you prefer:

    $ cat apps/kedit.png mimetypes/widget_doc.png filesystems/zip.png | hex_sha.py
    2C35BA8998BAAEA70008AE41E31F923142A48D 7F

    Obviously, order matters. Starting from this simple building block I'm sure it woulndn't be too hard to have kdm/gdm/xdm use this alternate method. There are c libraries available (openssl) which accomplish the same feat.

    In short, this can be implimented in a weekend by a skilled hacker. One could even see crative ways of assigning short characters to each picture so that clicking isn't necessary. Something along of the lines of:

    Actions == A
    aPps == P
    Devices == D
    Filesystems == F
    Mimetypes == M

    And each subdirectory use the same method as well. So instead of catting those three files via the CLI, I could opt to type :

    PE == aPps/kEdit.png
    MW == Mimetypes/Widget_doc.png
    FZ == Filesystems/Zip.png

    So I could type PEMWFZ (case shouldn't matter as we're indexing through a series of directories/files) and get my first catted line above. The second line would be PEFZMW.

    The weaknesses in the algorithm described above lie in the strengths of SHA and the number of choices (I'm using 3). Since SHA's collision space is larger than (297 3) The weakness lies in the permutation. As I showed above, it's pretty damn big. Make it 4 (and all pw's become 8 characters).

    Hardest part is the passwords are still gibberishlike. Or are they? Each grouping is paired in twos naturally. The password in ones's mind isn't PEMWFZ, it's PE, MW, FZ. If one can visualize the picture with the grouping then there is a direct visual association. This would appleal to most hacker-types. And the non-techies can even just opt to scroll through the pictures clicking on the 3 (or 4) that comprise the password. There could even be an option displaying the shortcut keys as the pictures are being clicked in case the person can't remember one of the mnemonic groupings. This must be done in absolute secrecry should the should-surfers wander by.

    You guys get the idea. I'm just spewing ideas about this topic.:)

    (And to others about this "dumbing-down" passwords; I think my hacker/non-hacker solution above compliments both types nicely. It also gives rise to REAL passwords without having to memorize `a09GD3hz'. A compliment of pictures and shortcut blocks works well within the human mind -- try it if you don't believe me. On top of this, it eliminates the possiblity of people choosing 'god', 'stud' 'master' and other such obvious passwords.)

    Feel free to flame my constructive brainstorming. This is ./ after all. :)

  • I wonder if mouse gesturing (ala Black and White) would make a good password protection system?

    I guess you could enforce a certain complexity to the password (no mouse up, mouse down).

    This would have the great advantage that it would be tremendously difficult to teach to someone else...

    Just a flawed thought. Find the flaws... :)
  • stupid assumptions (Score:2, Interesting)

    by unsinged int (561600)
    This technique will never replace typed passwords because it makes the following assumptions:

    1. The user has a functional, properly configured pointing device and is physically capable of using it.
    2. A graphical display must be loaded prior to logging on, which sucks if that's what you're trying to login to fix.
    3. Any other computer you are using to login remotely to such a password protected computer must also be capable of displaying the same pictures.

    Besides, the click locations would have to be stored in terms of percentages to allow for scaling the image for display on different devices with different resolutions and still accepting the user's "password." Add in a tolerance factor since the user probably won't click the exact same spot, and look...if I display all your images so they're really tiny I can click wherever I want and login!
  • by jrp2 (458093) on Saturday March 23, 2002 @02:35PM (#3213366) Homepage
    Reading through this thread, there are lots of valid issues brought up. I would agree that this concept alone would either be just as difficult as passwords (assuming the resolution of where you clicked was tight) or just as insecure as a bad password (assuming fairly forgiving resolution).

    BUT, a simple pictorial password combined with a simple alphanumberic password could be very secure as well as easy to use. Far greater than the sum of either used individually.

    I used to work at a large bank which employed this kind of multi-level security. A mag card got you into offices, a mag card plus a numeric keypad got you into medium security areas (teller lines, etc.). The higher security the area, the more techniques were added (retina scan, knowing your mother's maiden name, manager's name or department name, etc.). Basically, each aspect is individually attackable (stealing the mag-card, dictionary attacks, shoulder-surfing, password sniffing, etc.), but you have to know all of them to get access. Each obstacle in the way added a large measure of unpredictability and hence security.

    I could even see this being used in a "telnet" (ehem, ssh) like scenario where a traditional userid and password are the first level, then some quiz (arranging shapes or colors in a specific sequence for example) is the second level. Each would be easy to remember, combined it would be very difficult to guess both (or several).

    Basically, I think there is a great amount of promise in this kind of research. Yeah, you can shoot down each method as flawed, but combine a few of the methods and you can get some very powerful and easy to use security.
  • "Users simply remember exactly where on the images they clicked and in what order."

    How is that better simpler and more secure? 99% of the people will simply click on the middle of the picture, and boom you're through. Of course then there might be instances where you have to click a minimum of 5 places, so suddenly everyone is clicking on each corner and then once in the middle.

    Personally, I'd just as soon stick to my text passwords. I don't find my passwords hard to remember, as I utilize a seqeuence of rules to generate the password. That way I can choose a word (I usually like titles of Books/Movies/Albums/Songs) and run it through my little set of rules to product a string of characters that bear little resemblance to the original word, but is still easy for me to remember, because I don't have to remember the actual password, just the methodology to get to it.

    If by pictures for passwords, they had meant that you supplied (uploaded) a special image of your own personal creation, and then that image is authenticated using an algorithm that generates a key by the values of the pixels in the picture, and then matches it via a public/private ssh key authorization manner; that, I think would be pretty slick.

    Well, I'll quit rambling now. I just don't see how clicking on parts of a picture is easier to remember or more secure than typing in a string of text.
  • Old, Old Idea (Score:4, Informative)

    by mesocyclone (80188) on Saturday March 23, 2002 @03:19PM (#3213521) Homepage Journal
    In keeping with Microsoft's tradition of rarely doing its own innovation...

    Many years ago somebody was selling Automatic Teller Machines that used this approach instead of numeric PINs. I wish I had a reference but this was way pre-Web (1970s).

    Also, this was discussed at Usenix 2000 and CrypTec 99 - see:
    http://paris.cs.berkeley.edu/~perrig/projects.html #DEJAVU [berkeley.edu]

    and on Slashdot on Dec 28, 2001
  • by Infonaut (96956) <infonaut@gmail.com> on Saturday March 23, 2002 @03:39PM (#3213579) Homepage Journal
    Just imagine the banner ads on Yahoo!:

    skuzzywhores.com now has downloadable pass-pictures of your favorite screen sluts, from Anal Ashley to Luscious Lydia! Why not have some fun with your security? Download 'em now!

  • Market droid: Our research indicates that our users aren't being humiliated nearly enough.

    Pointy haired boss: Why don't we make them play pin the tail on the donkey before they can use the system?

    Engineer: I suppose I could work it into the login sequence.
  • I never thought I'd finally be able to use my ass as a password.
  • by Black Art (3335) on Saturday March 23, 2002 @07:30PM (#3214323)
    This sounds like yet another attempt to make things "easier", with no understanding or attention to the security ramifications.

    Paralogix has a similar password scheme. You click on a number of objects to create a password.

    Sounds good, but it turns out to be very bad.

    It turns out that the number of objects used on the screen made for less combinations than you would have if it represented a letter of the alphabet. (About 28 combinations per "drag".)

    It gets worse. Due to the way the interface works, it becomes prohibitive to make large passwords. (A keyboard is much faster.) The interface passlogix used was drop and drag. Icons are not going to be much better. (You only have so much screen area to work with.)

    Passlogix did one even better though... They made the order of the password not matter. (So "AAB" and "ABA" and "BAA" were equivelent.) For small passwords, it removes a fair chunk of the combinations. For large passwords, it removes almost all of it. (95% at 5 characters and it gets worse from there.) I expect similar things from Microsoft if they actually do this.

    I have suspected that Microsoft considers most of their users to be illiterate. It frightens me when I see evidence that my worst fears are confirmed.
  • I could never remember which cheeses to click to get past the nag screen for Monty Python's Complete Waste of Time (or whatever it was called); why on earth would I remember any better which body parts, mammals, and reptiles to click in what order so I could log onto my computer??

    Or as a friend once put it, "I don't need pictures. I can read and write." :)

    More seriously, it occurs to me that unless the images came up in a random order each time, password sniffers would merely need record mouse click position. And once the password images were ID'd.. Hmm. ISTM such images should be user-defined to be more secure, because otherwise sooner or later some sniffer is going to know how to ID the OS-supplied images that were clicked, regardless of screen placement.

    I just had this vision of people using their fave porn thumbnails as their password images, leading to this:

    Invalid password: you must include at least two tits, one ass, and one other body part.

    (thanks to whoever made the post that inspired this :)

  • The perfect dictionary file for the new "crack" program: images.google.com
  • I don't have to remember a lot of passwords, because I don't use a lot of passwords. How is this a solution? Well, for any and every account that doesn't matter (e.g. hotmail spam account, anything I sign up for) I use the same, stupid password. I don't care if someone hacks those accounts, all they'll get is all the fake information I entered when I signed up. Then I remember 5 complex passwords (8 chars or more, mixed caps, multiple non alpha chars) for the 5 things that are important.

    And those are easy to remember, because they're usually phrases, shortened: "There's no Sex in the Champagne Room!" gives me: "TnSitCR!" as a password. Easy to remember, hard to crack.

The only thing cheaper than hardware is talk.

Working...