Newsletter Sign-up

Prompt's TechBlog

Images to replace passwords?

28 February 2006

Posted by Sean McManus

With the arrival of internet banking, online shopping and now chip & pin, we've now all got more secret identity numbers and passwords to remember than ever. Here's a demonstration of an alternative to learning passwords: using clicks on images as a security device. The idea is that you're shown an image. You click on it in five places to create your password. When it's time to log in again, you can easily remember which five parts of the image you clicked on. To throw others off the scent who might be watching you, you can click on five other random points. The site claims most people can only remember a list of about 7 items.

This reminds me of Realuser, a system created some years ago that asked you to memorise a sequence of faces instead of a string of letters and numbers. The idea is that faces are easier to remember. When you log in, you pick your faces out in turn from 8 random others. After setting up a test account, I went back some weeks later and was surprised I could still remember the right face sequence.

Systems like this can also be used to avoid phishing attacks: if a bank had to show you it already knew what image you used for your password, it would discount people impersonating the bank without having access to that information.


# posted by Sean McManus at 10:23 AM

Comments: Post a Comment

<< Home