Graffiti as password: secure and memorable
Many people have problems remembering passwords. For this reason, people make horrible choices in the word or phrase they use to secure their data. Although more important sites are making it impossible to do, some people are still struggling to remember that their password is the name of their dog, allowing it to be easily hacked into by bad, bad people.
As more people are putting their valuables online, such as banking, shopping, chatting, and e-mail (well that was always online), the sites that house these services begin to force people to make sure their passwords have something like 8 characters, alternating case, a number, a symbol, and a Chinese character. The problem with this is that people still can't remember it, so in this case you're forcing them to write it down on a sticky on their monitor, allowing that guy in accounting to steal all of their money the day before he quits his job and leaves the country
Thus there was a scramble to create something new, something better. After a brief foray into trying to come up with pictures as passwords, someone realized that recognition was probably less secure than recall. That being said, there are some good things already out there. Bank of America has you pick a picture and give it a title as your "SiteKey" and will show you this combination so you know you're actually on their site and not being phished.
Today (well a few days ago, I couldn't blog over the weekend and have it count for this week) there is a new frontier, as a computer security conference had a presentation about graffiti as a secure password. Sounds, dumb, but think about it. How many people would deface a picture the same way you would? I like it, and although it wont work at ATM machines, it seems perfect for both computers and mobile devices with styli. I look forward to the future of passwords when touchscreens will be able to encrypt thumbprints and send them via the Internet.
No comments:
Post a Comment