Featured Research

from universities, journals, and other organizations

Better passwords get with the beat

Date:
May 29, 2011
Source:
Inderscience Publishers
Summary:
No password is 100 percent secure. There are always ways and means for those with malicious intent to hack, crack or socially engineer access to a password. Indeed, there are more and more websites and databases compromised on a seemingly daily basis. A new approach to verifying passwords that also takes into account the speed with which a user types in their login and the gaps between characters would render a stolen password useless.

No password is 100% secure. There are always ways and means for those with malicious intent to hack, crack or socially engineer access to a password. Indeed, there are more and more websites and databases compromised on a seemingly daily basis. A new approach to verifying passwords that also takes into account the speed with which a user types in their login and the gaps between characters would render a stolen password useless.

Writing in the International Journal of Internet Technology and Secured Transactions computer scientists from Beirut explain the shortcomings of previous attempts at key-pattern analysis. KPA is an attempt to scrutinize the speed with which a user taps the keys as well as measuring the gaps between keystrokes, the beat of their typing. KPA has also been tested with modified keyboards that measure the force with which keys are pressed. The result can be a biometric profile of the way an individual user types in their password. If the biometric does not match the user then the password fails even if it is "correct."

Ravel Jabbour, Wes Masri and Ali El-Hajj of the American University of Beirut, in Lebanon, point out how inconvenient a modified keyboard would be to an organization or individual. They explain how previous attempts at KPA fail if the pressing of two keys overlaps. Early efforts also focus on "inter" timing, the time lag between pressing one key and the next, which is not adequate to ensure a password is usable only by the legitimate user. The team instead has incorporated "intra" timing that measures how long each key remains depressed, which they say gives them the beat of the typing and is a much more robust parameter.

The program gathers information about how the user is typing in their password by recording the electronic signals from a standard keyboard as keys are pressed and released. The program then compares the pattern of the password typed with a pre-stored pattern recorded when the account is initially setup. A user would be expected to repeatedly type their password at the login registration stage to record a reproducible typing pattern. The validation algorithm then looks at the various parameters, intra and inter timing the relationships between two keys (digraph), three keys (trigraph) and up to the number of keys that are the password length.

Obviously, a longer password will provide a more complicated profile of the person's typing and so reduce the risk of the typing of anyone else typing the password with the same timing pattern as the legitimate user. There is a trade-off, of course, too long a password and even a legitimate user is unlikely to reproduced their typing pattern accurately every time they enter the password. Password distribution can also be accommodated for by creating KPA groups for the same password for those users eager to share their passwords with friends and colleagues without impinging on the security of the system, the team says.


Story Source:

The above story is based on materials provided by Inderscience Publishers. Note: Materials may be edited for content and length.


Journal Reference:

  1. Ravel Jabbour, Wes Masri, Ali El-Hajj. Optimising password security through key-pattern analysis. Int. J. Internet Technology and Secured Transactions, 2011, 3, 178-193

Cite This Page:

Inderscience Publishers. "Better passwords get with the beat." ScienceDaily. ScienceDaily, 29 May 2011. <www.sciencedaily.com/releases/2011/05/110517110304.htm>.
Inderscience Publishers. (2011, May 29). Better passwords get with the beat. ScienceDaily. Retrieved April 18, 2014 from www.sciencedaily.com/releases/2011/05/110517110304.htm
Inderscience Publishers. "Better passwords get with the beat." ScienceDaily. www.sciencedaily.com/releases/2011/05/110517110304.htm (accessed April 18, 2014).

Share This



More Computers & Math News

Friday, April 18, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Twitter Introduces Facebook-Style App Install Ads

Twitter Introduces Facebook-Style App Install Ads

Newsy (Apr. 17, 2014) Twitter hopes to make money on app install ads, which has proven to be a successful strategy for Facebook. Video provided by Newsy
Powered by NewsLook.com
Heartbleed Hack Leads To Arrest

Heartbleed Hack Leads To Arrest

Newsy (Apr. 17, 2014) A 19-year-old computer science student has been arrested in relation to a data breach of 900 social insurance numbers from Canada's revenue agency. Video provided by Newsy
Powered by NewsLook.com
Apple Rumored To Introduce Song ID Service In Next iOS Build

Apple Rumored To Introduce Song ID Service In Next iOS Build

Newsy (Apr. 17, 2014) Sources close to Apple told Bloomberg the company plans to introduce an integrated song identification service during the launch of its next iOS. Video provided by Newsy
Powered by NewsLook.com
Honda's New ASIMO Robot, More Human-Like Than Ever

Honda's New ASIMO Robot, More Human-Like Than Ever

AFP (Apr. 17, 2014) It walks and runs, even up and down stairs. It can open a bottle and serve a drink, and politely tries to shake hands with a stranger. Meet the latest ASIMO, Honda's humanoid robot. Duration: 00:54 Video provided by AFP
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins