As most internet users know, it is often hard to remember or keep apart all the passwords and login names for one's different online accounts.
Dr. Bernd Borchert, together with students at the Computer Science Department of Tübingen University, has tackled this issue. They developed a new method that saves the users not only the trouble of memorizing the passwords and login names, but also of typing them. All of this is managed by the user's smartphone.
Moreover, the new approach solves a common problem which many internet users choose to ignore: passwords can be tapped by so-called keyloggers, i.e. trojans on the computer a password is entered into, and could later be misused for criminal purposes. As Dr. Borchert's method does not rely on permanent passwords anymore, the problem of tap-ping becomes obsolete.
The new method was filed for patent application.
From the user's point of view, Borchert's approach works as follows: The user downloads the method's application software to his smartphone. For each account he wants to be managed by the app, he needs to go through a short initialization process on the smartphone. In order to access an account, the user can open the respective login page in a browser window on any computer. He will then be shown a 2D-code that he must scan with the smartphone's camera. After the data is processed by the app, the smartphone contacts the account server via internet. The server checks the data received, connects to the browser window on the computer and opens the user's account. Thus, the user gets into his account almost by magic -- he only has to scan the 2D-code. In order to prevent unauthorized persons from logging in to an account, e.g. in case the smartphone is stolen, the user may protect his most important accounts with an additional tap-proof password query.
A prototype of the new application software was programmed by computer science students -- the link below refers to the demonstration web page which also contains a short demo video. Appropriate apps already exist for some types of smartphone. The project team is currently looking for account providers willing to implement the method in order to offer it to their users.
Demonstration web page containing more information and links: http://www2-fs.informatik.uni-tuebingen.de/~borchert/Troja/Open-Sesame/index.php?lang=en
Cite This Page: