What is Digg?52 Comments
- mizunoX, on 10/12/2007, -0/+4The great thing about a text password is that others see stars while you enter it.
With this, everyone around can see what you are clicking on, thus knowing your password. - monkeycat, on 10/12/2007, -0/+1@mizunox -that is true with the picture based password, but with the icon based password, you don't ever actually click on the passcode icons. I think they are both great ideas that will have limited application, but great nonetheless.
- sundancekid503, on 10/12/2007, -0/+1Lame, I'll stick with urine sample analysis for my network's security.
- cully, on 10/12/2007, -0/+1Depending on how many click points you must choose, the number of possible "passwords" are just as many as a text password. If there are 2500 pixels, and n click points, then you have 2500^n possible passwords.
The reason this method doesn't make sense to me is that, couldn't someone who is able to monitor traffic or look at a "click-point" file (as apposed to a password file) but able to just as easily get someone's password? Once click-points are digitized, they are just the same as a text password.
Or, is this just a solution to easily-guessable passwords? - iknow81810, on 10/12/2007, -0/+1I wouldn't be surprised if someone said this already, but the icon password really isn't the best idea. For example, in the example that they gave, the space that the user could click in to successfully enter their "password" took up about 5% of the window, maybe a little more. That would mean if you tried to guess the password you would have a 5% chance of guessing it correctly on your first try. This is extremely high in comparison to the virtually 0% chance of guessing a text password correctly.
A text password can be anything, with any number and type of characters (within reason), but with the icon based password, a "password" can only be a certain part of the window.
Maybe if they made you click the appropirate area several times in succession that would work, but even in that case it would still require way too much thought from the user. I don't know about you guys, but when I am typing in my password I do it pretty mindlessly since I've typed it in so many times. Not so with this system. - wthulhu, on 08/29/2009, -0/+1Personally, I don't think this would catch on. It's kind of fisher price, isn't it?
Also; how many people do you think would have something like a family picture, and the hotspots are the faces, or a blank image with circles where they need to click (the graphical equivilent to the post it note on the desk with the password on it). - janus_god, on 10/12/2007, -0/+0I work on some routine and secure stuff and I like this as a promising solution to end users but when I want something to be truely secure nothing beats my Smart Card, RSA Keygen Fob, and my 8 digit password. But then again just a smart card and pin can solve most security problems. It shows alot of promise for the end users.
+1 Digg - bradspry, on 10/12/2007, -0/+0Lot's of companies are working on "picture passwords":
http://www.google.com/search?q=picture+passwords - 3-6-0, on 10/12/2007, -0/+0yea rutgers!
- VipeNess, on 10/12/2007, -0/+0very cool
- thenativeraver, on 10/12/2007, -0/+0Kinda reminds me of johnny pneumonic
- echonovember, on 10/12/2007, -0/+0They make making your computer safe FUN!
- monkeycat, on 10/12/2007, -0/+0I suppose it would do the same thing as when someone forgets which letter the pressed on a keyboard - it would say invalid password and try again
- stoops, on 10/12/2007, -0/+0this kinda sucks, this means that in order to login, you need some sort of graphical interface. But I love using freebsd and ssh in the terminal so I wouldn't make use of this.
- TheRealStyro, on 10/12/2007, -0/+0Combined with a strong multi-line pass-phrase system the pass-icon or pass-zone system described could be useful. Personally, I would make the system rearrange the icons after every pick, or every 15-20 seconds, for the pass-icon system. For the pass-zone system (picking zones on a photo/picture), I would change to a different photo/picture every 30-45 seconds (depending on how many picks are needed).
- Duilen, on 10/12/2007, -0/+0This is very interesting. How are passwords retrieved if the user forgets where he or she clicked on the images?
- TheQwe, on 10/12/2007, -0/+0I agree with dougvfr750. the best non-text alternative to passwords is something biometric.
that being said, I type fast enough that it's nigh impossible to discern what I'm typing(even more so for passwords, since I type them in so often). - schrags, on 10/12/2007, -0/+0They didn't invent this... this is actually really old. I remember having this on my pocket pc old Dell Axim x5 over 3 years ago.
- Biker803, on 10/12/2007, -0/+0I tried this out for myself and I found it to be... odd. I don't know if something like this could ever catch on as someone above mentioned. First and foremost it requires a graphic interface, which those living in the old ages will find to be a limitation. Secondly, it takes a lot of time to find a few of your icons so you know an "area" to click in. Not to mention you also have to remember every icon you have selected. Just think of if you had to remember icons that were different on every website! We'll have to see where this goes, if it goes at all.
- superal1394, on 10/12/2007, -0/+0i want the thing from iRobot with the cubes...
- chris_hale, on 10/12/2007, -0/+0Interesting... but I can't imagine using this everyday.
I'll stick with my keyfobs - Judman, on 10/12/2007, -0/+0spymac does this.
- scotticus, on 10/12/2007, -0/+0Seems like a pain in the ass. I can type way faster. rnrnThis could make you really good at Counter-Strike though.
- mrnoob, on 10/12/2007, -0/+0Wait, this doesn't make sense, if you use a picture, you are then limiting the possible "keys" to the amount of pixels on a screen, its thousands time easier to brute force it....
- osbjmg, on 10/12/2007, -0/+0Yea, and then how would this be transmitted? Isn't that where they are stolen ONLINE? Shoulder surfing is pretty easy to get around. I think people would still get caught phishing and just plain letting people use their access freely.
- joshfraz, on 10/12/2007, -0/+0i love it. i'm a very visual person and remembering spots to click on a picture is a lot more appealing than memorizing a password!
- dougvfr750, on 10/12/2007, -0/+0Think I would rather use biometrics like fingerprint or retinal scan
- logosmonkey, on 10/12/2007, -0/+0ooooo Johnny Mnemonic.
- spacedyevest, on 10/12/2007, -0/+0Go RU
digg - ImKenny, on 10/12/2007, -0/+0i have made keyloggers that take a screenshot of a 50x50 area around the pointer. the images are uploaded every 30 minutes to a FTP server that i then download the images from.
ohh BTW the point of that keylogger/click logger was to get point-and-click security pins.
My disclaimer:
i compiled that program for educational purposes only, it was something i never passed out and was not developed with malicious intent. there i said it, u cant get me in trouble :) - teh_toaster, on 10/12/2007, -0/+0Some people will simply choose a picture such as a blue square, click all four corners, and be done with it. Plus, this seems a lot less likely to work with any person with sight difficulties. I think this will take a bit more work to actually catch on.
- inactive, on 10/12/2007, -0/+0I still think the embedded RFID in the hand is the best option. :P
- koenkai, on 10/12/2007, -0/+0bradspry: "Lot's of companies are working on "picture passwords":
http://www.google.com/search?q=picture+passwords "
Yep. If you take a look at the results returned by the goog search, you'll see the BBC article was written in 2002. Actually, when I was running an information security company in '99, I knew of quite a few companies who were working on this kind of tech. Interesting idea, but one that's never taken off (for a variety of reasons--most of which have already been noted)... - trix911, on 10/12/2007, -0/+0i think its a cool idea but i doubt it will catch on
- TheQwe, on 10/12/2007, -0/+0my gut instinct tells me that graphical passwords would be more susceptible to shouldering, but I could be wrong...
- flound1129, on 10/12/2007, -0/+0I don't see how the second method defeats shoulder surfing.. Especially considering that the guide specifically says not to let an observer know which icon you are clicking on. I think ING Direct's method for entering the PIN (the text method, not the click method) is the best advancement in password technology I've seen in a long time.
- FaNtAsMa, on 10/12/2007, -0/+0I don't really like the first example that they show, but the icon-based one seems like a pretty good idea.
- eljaysun, on 10/12/2007, -0/+0I certainly hope they consider blind users before too many of these graphical passwords catch on.
- whateverdigg, on 10/12/2007, -0/+0Can this technique be integrated with the AES version of notepad?
- PlancksCnst, on 10/12/2007, -0/+0@lmkenney: that won't work since you don't click on the secret icons - just somewhere inside the area created by the icons
@LatvianHedgehog: that won't work since the positions of the icons are random. Btw, keystrokes can be stolen, too. - p3lEr, on 10/12/2007, -0/+0Interesting
- foodbar, on 10/12/2007, -0/+0Mice suck.
- staticten, on 10/12/2007, -0/+0Bank of America Online does this now:
They present you an image that you particularty picked with a matching phrase to increase security before you enter your password
DIGG - stimpack, on 10/12/2007, -0/+0I prefered the one based on human faces http://www.realuser.com/ , as faces are very easy to remember.
- battybattybatt, on 10/12/2007, -0/+0"...Personally, I would make the system rearrange the icons after every pick, ..., for the pass-icon system. ..."
Along with a 2-degree polarized screen covering the pad, and requiring speific timings between key presses - almost in a rhythm that must be somewhat memorized within preset tolerences - that is precisely how some keypad entry systems work. This cuts down on shoulder surfing to guess where someone punched the pad.
I have seen the demos, just awsome. But, remember, "The Last BoyScout". - peerk, on 10/12/2007, -0/+0Pretty cool.
It's not every day that your see professors you've had on digg! - JesseJ, on 10/12/2007, -0/+0They say people remember smells better than anything. So how about a smellogram password machine. fish sock cheese grass strawberry
- LatvianHedgehog, on 10/12/2007, -0/+0Mouse movements can be registered and stolen. Nice concept, but it won't do.
- miggie, on 10/12/2007, -0/+0Go Rutgers Camden! :-)
Love Rutgers Newark - queraxus, on 10/12/2007, -0/+0Rutgers is really showing it's class.
-
Show 51 - 52 of 52 discussions
© Digg Inc. 2009
— Content created and posted by Digg users is