Half a croissant, on a plate, with a sign in front of it saying '50c'
h a l f b a k e r y
It's as much a hovercraft as a pancake is a waffle.

idea: add, search, annotate, link, view, overview, recent, by name, random

meta: news, help, about, links, report a problem

account: browse anonymously, or get an account and write.

user:
pass:
register,


                           

Touchscreen Password Pattern

Password entry method for tablets.
  (-2)
(-2)
  [vote for,
against]

So lets say you have a slate style touch screen device/tablet computer, with a conventional operating system. It has no keyboard. When you turn it on and the operating system boots to the login screen, how do you enter the password? Either you have to plug in a keyboard, or hope that the device manufacturer included a special program that lets you type it in using an on-screen keyboard, then carefully poke at tiny letters to login.

Just now as I was trying to do this I though to myself "you know what would be easier? entering the password by touching areas of the screen in a certain pattern". For instance, instead of "ilovelolcats", your windows password would be "top right, bottom left, top right". Touching these areas of the screen in sequence is required to login. It would be much faster and easier. In fact, it would be so fast and easy that I will be surprised if I don't see 5 links to baked versions in a few minutes.

DIYMatt, Oct 10 2010

http://rutgersschol...brbirg/sobrbirg.htm Graphical password schemes [jutta, Oct 10 2010]

…and how to hack them. http://www.usenix.o...ull_papers/Aviv.pdf
[Ian Tindale, Oct 10 2010]

Bruce Schneier on Biometrics http://www.schneier.com/essay-019.html
Biometrics aren't secret. [jutta, Oct 11 2010]

keep it simple http://scienceblogs...ience_we_need_y.php
[Ian Tindale, Oct 11 2010]

Fourth Factor Authentication: Somebody You Know http://www.rsa.com/...bs/node.asp?id=3156
[Wrongfellow, Oct 12 2010]

[link]






       You guessed it --
[marked-for-deletion] Widely known to exist.
  

       For example, passcodes in Android (a fairly widely used smart phone operating system). The general term for such things is apparently "graphical password schemes" (although not all of them are particularly suited to touchscreens).
jutta, Oct 10 2010
  

       Not only what [Ian Tindale] said, but also I've read a blog post from an IT security pro, who claimed to have cracked one of these by watching the owner's fingers fidget while he boasted about his new, "secure" toy.
pertinax, Oct 10 2010
  

       No, give me fingerprint readers. It works on my laptop, it will work on a tablet and it adds no buttons so even Jobs should like it.   

       Also it doesn't leave smudges on the screen.   

       I will also accept facial recognition through the camera.
MisterQED, Oct 11 2010
  

       I've not seen a fingerprint implementation that I liked - false positives and false negatives seem to be pretty rife.   

       The analog (of identification in general, not just fingerprints) in the physical world seems to be a key - or in some cases, a RFID card, or remote 'bleeper' - in other words, a dongle of some kind.   

       So we can either continue to use physical dongles (e.g. special key-cards, or usb-sticks - or biometrically register our own body-parts e.g. fingerprints, retina scans etc) or, more frequently, we use a sort of abstract 'dongle' a piece of information that supposedly, only we know - i.e. a password, a gesture, or perhaps a little dance (though these last two seem to merge the two domains of the physical and abstract together)   

       So dongles can be abstract or physical, and need to be registered in order to work properly. Is there any non registered-dongle related method for identification? Or are we stuck with these two options?
zen_tom, Oct 11 2010
  

       How about an RFID ring?
MisterQED, Oct 11 2010
  

       The ring idea is good, because the antenna naturally conforms to the shape.
Ling, Oct 12 2010
  

       [zen_tom]: It sounds like you're talking about the traditional three factors of authentication: "something you have", "something you know" or "something you are".   

       A bit of Googling found a paper that discusses a possible fourth: "somebody you know". I'm not sure this is really much different to "something you know", but then I haven't read the paper. <link>
Wrongfellow, Oct 12 2010
  

       Facebook have an interesting security feature. If you attempt to log on to your account from a new location (e.g. you're on holiday in another country), it will ask you to match names to faces from your Facebook 'friends'. I assume there's some sort of lockout if you keep getting these matches wrong, and I'm not sure what would happen if you only had a very small number of friends.

Also related to this idea, there used to be a company which tried to get around the non-secret nature of biometrics and the stealability of PINs by creating a sort of 'biometric PIN'. In this scheme you would present three different fingers in a predefined sequence to a fingerprint reader - the fingerprints would show it was you (caveat: PVA glue, etc.) and the sequence would demonstrate that you knew the 'secret' - again, not easy to see how much more secure this makes things.
hippo, Oct 12 2010
  
      
[annotate]
  


 

back: main index

business  computer  culture  fashion  food  halfbakery  home  other  product  public  science  sport  vehicle