Online passwords are tedious, and it seems like too many websites require one. Who said the best way to access private information online is through a password made of numbers and letters?
At least one computer scientist thinks there's a better way to get access to your online accounts. At the New York Institute of Technology Cyber Security Conference, AT&T researcher Bill Cheswick described how users could memorize the exact spot on a satellite photo, with the longitude and latitude serving as the access code. Just clicking on that spot would let you into the website, no text password or question necessary.
Using a program like Google Maps, you could hone in on a spot that's easy for you to find on a map, for example the location of a hotel from a past vacation, a plaza, a friend's house, your elementary school, a former work place, etc.
“The key idea is that you have a data set with very deep data, and you have to drill down. You could drill down on a map of anything. Probably better if it’s a map of someplace you’ve never been, so you’re not tempted to pick your childhood home,” Cheswick tells Tech News Daily. “You could have a 10-digit latitude, and a 10-digit longitude, then you'd have a 20-digit password.”
This isn't the first time computer scientists have tinkered with the online password system. Some systems have allowed you to click on a specific part of an image. The problem is that mouse-tracking programs developed in the last decade let hackers track the location of the mouse.
But Cheswick says this shouldn't be a problem for password maps. Mouse-tracking software can still see where on the screen your cursor goes. But it doesn't know what map you're looking at. And because the password map is zoomable, and you can move it around, the mouse's position on the screen doesn't tell a potential hacker where your unique spot is located.
Cheswick hasn't performed any usability tests to see how the average Internet user might respond, but anything's better than the current system. I hate creating a new password for every website where I keep even a scrap of personal information. And there are plenty of scams out there to get you to divulge your passwords.
Read more at Discovery News
No comments:
Post a Comment