Monday, November 5, 2007

Graffiti as passwords

clipped from arstechnica.com

One of the largest security challenges many organizations face comes from the most basic aspect of security: user passwords. Humans simply have a limited capacity to remember otherwise insignificant streams of letters and digits; as a result, they often choose passwords that are easier to remember. Those memorable passwords, however, can fail in the face of dictionary attacks or guesses based on information such as birth dates or the names of family members. This week's meeting of the Computer and Communications Security interest group of the Association for Computing Machinery saw the description of the latest attempt to balance security and obscurity: an improved form of the "Draw a Secret" method.

The basic concept behind Draw a Secret (DAS) is that humans excel at image recognition and memory, so "passwords" should be designed to leverage that ability.
Initial implementations simply tracked the ability of people to use a stylus to draw a free-form shape on a touch-sensitive screen.
