Sunday, December 18, 2011

Microsoft introduces picture based passwords

Moving forward on the ‘innovation’ train, Microsoft has posted a new way to tackle the security issues that have been the bane of everyone’s private data in the modern era. How about gesture-based passwords on a picture?

With the new password system in place, users will be able to log into a Windows 8-based machine using a Picture Password, whereby specific gestures on a picture translate into the password. The password is, for instance, a combination of taps, straight lines, and circles. The picture can be of your choice, further personalizing the password and making the gestures easy to remember.

“If a gesture type is wrong—it should be a circle, but instead it’s a line—authentication will always fail. When the types, ordering, and directionality are all correct, we take a look at how far off each gesture was from the ones we’ve seen before, and decide if it’s close enough to authenticate you.”

The gestures don’t need to be exact: each picture is divided into 100 grids, and the gestures need to be at least 90% accurate for the user to be granted access.
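The two-stage check described above (exact match on type, order and direction, then a closeness score against the 90% bar) can be sketched as follows. This is an added illustration, not Microsoft's code: the `Gesture` class, the linear scoring, the `TOLERANCE` value and the 0-99 coordinates are assumptions.

```python
import math
from dataclasses import dataclass

THRESHOLD = 0.90   # the 90% figure quoted in the post
TOLERANCE = 30.0   # assumption: error in grid cells at which a score reaches 0

@dataclass(frozen=True)
class Gesture:
    kind: str               # "tap", "line" or "circle"
    points: tuple           # tap: (p,)  line: (start, end)  circle: (centre,)
    radius: float = 0.0     # circles only
    clockwise: bool = True  # circles only

def _closeness(error):
    # Assumed linear fall-off: 1.0 for a perfect repeat, 0.0 at TOLERANCE cells.
    return max(0.0, 1.0 - error / TOLERANCE)

def gesture_score(enrolled, attempt):
    # Stage 1: type and directionality are pass/fail, never "close enough".
    if enrolled.kind != attempt.kind:
        return 0.0
    if enrolled.kind == "circle" and enrolled.clockwise != attempt.clockwise:
        return 0.0
    if enrolled.kind == "line":
        (ax, ay), (bx, by) = enrolled.points
        (cx, cy), (dx, dy) = attempt.points
        if (bx - ax) * (dx - cx) + (by - ay) * (dy - cy) <= 0:
            return 0.0  # drawn in the opposite direction
    # Stage 2: score how far the attempt landed from the enrolled gesture.
    scores = [_closeness(math.dist(p, q))
              for p, q in zip(enrolled.points, attempt.points)]
    if enrolled.kind == "circle":
        scores.append(_closeness(abs(enrolled.radius - attempt.radius)))
    return min(scores)

def authenticate(enrolled, attempt):
    # zip() compares position by position, so ordering is enforced too.
    return len(enrolled) == len(attempt) and all(
        gesture_score(e, a) >= THRESHOLD for e, a in zip(enrolled, attempt))

# Constructed sample: coordinates on an assumed 0-99 grid.
ENROLLED = [Gesture("circle", ((30, 40),), radius=8.0),
            Gesture("tap", ((70, 20),)),
            Gesture("line", ((10, 80), (60, 85)))]
```

With these assumed constants each point may land up to three grid cells from where it was enrolled; a looser tolerance accepts sloppier input but also shrinks the number of distinguishable passwords.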

So how secure is a gesture based password input? Take a look at the graph below.

Yup, that’s 398 trillion possible combinations for a simple 5-gesture password. In other words, a circle, two taps and two lines on some random picture are more powerful than a proper 8-character password. As a disclaimer, the “complex password” doesn’t include the ‘space’ character, so its possible combinations are much lower.

