UK scientists propose to use pictures for passwords
02 Jan 2016
UK scientists have answered the prayers of users, who would like to use the same password on multiple sites and also those who find it difficult to remember a host of passwords.
According to the researchers from the University of Plymouth, password fatigue could be addressed by using a combination of images and one-time numerical codes to gain access to systems.
The researchers who worked at the Centre for Security Communication and Network Research (CSCAN), believe with the new multi-level authentication system GOTPass (Graphical One Time Password) users would be able to better protect personal online information from hackers.
They further claim the system could also be easier for users to remember. It would also be less costly for providers to implement as it would not require the deployment of potentially costly hardware systems.
With the system, users would be able to choose a unique username and draw any shape on a 4x4 unlock pattern, similar to that used on mobile devices.
They would then be assigned four random themes, being prompted to select one image from 30 in each.
For logging into their account, the user would need to enter their username and draw the pattern lock.
They would then be presented with the next screen containing a set of 16 images. The set would contain two of their selected images, six associated distracters and eight random decoys.
Identification of the two correct images would generate an eight-digit random code located on the top or left edges of the login panel.
The user would then need to type in the generated code to access to their information.
"Traditional passwords are undoubtedly very usable but regardless of how safe people might feel their information is, the password's vulnerability is well known," said PhD student Hussain Alsaiari, theinquirer.net reported.
"There are alternative systems out there, but they are either very costly or have deployment constraints which mean they can be difficult to integrate with existing systems while maintaining user consensus. The GOTPass system is easy to use and implement, while at the same time offering users confidence that their information is being held securely."