U.K. Researchers Develop Solution For Password Fatigue Using Graphic Images | Hacked: Hacking Finance
user

U.K. Researchers Develop Solution For Password Fatigue Using Graphic Images

Introduction

Lester Coleman

Lester Coleman

Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.


LATEST POSTS

Bitcoin Giant Bitmain Enters the High Stakes AI Race 27th August, 2017

Three Country Exchange Traded Funds Offer Potential For Investors 27th August, 2017

Cybersecurity

U.K. Researchers Develop Solution For Password Fatigue Using Graphic Images

Posted on .
This article was posted on Tuesday, 22:03, UTC.

As the Internet becomes a bigger part of our daily routine for doing just about everything, the task of managing your passwords can get cumbersome. Researchers at the University of Plymouth in Plymouth, U.K. thinks they may have found some relief for password fatigue, according to The Inquirer.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

The solution is a combination of sequential images and a one-time numerical code.

GOTPass, also called Graphical One Time Password, debuted on Christmas Day in a blog from local media officer Alan Williams. The blog included statements from participants in the Ph.D. study at the university’s Centre for Security Communication and Network Research.

White Paper Sheds Light

Memorizing strong passwords often results in unreliable practices, according to a white paper on the study. Graphical authentication offers a solution since peoples’ memory for images is superior to that of text, thereby improving password security and usability.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

GOTPass authenticates using a one-time number code that the user types in based on a sequence of confidential images and a pre-selected image format, the paper notes. The paper includes an analysis of the security evaluation and demonstrates GOTPass’s high resistance capability versus common graphical password attacks.

Three simulated attacks – shoulder-surfing, guessing and intersection, demonstrated that nearly 98% of 690 attempts were unable to compromise the system.

GOTPass: Easy Set Up

To set up GOTPass, a user draws a pattern on a 4×4 grid similar to Android’s unlock scheme, according to Engadget.com. Once the user chooses a pattern, they select an image from grids of 30 random emoji-esque images. After picking from four grids, they receive their “password.” The login process is fairly simple once the GOTPass is set up. The user enters a username, then draws the pattern lock. Next there are 16 images, of which two are from the four picked during setup, and 14 are decoys. The user selects the correct images and gets a one-time passcode to enter.

Hussain Alsaiari, a Ph.D. student, said traditional passwords are usable, but they are also vulnerable, no matter how safe the user feels their information is.

Alternative systems exist, Alsaiari said, but they are expensive or they have deployment constraints that make them hard to integrate into existing systems while maintaining user consensus.

The GOTPass system, by contrast, is easy to use and provides confidence the information is secure.

Also read: Strong passwords: motor memory phassphrase

Long-Term Effectiveness?

Dr. Maria Papadaki, a network security lecturer at the university who is directing the study, said online security needs to be hard to hack to be effective, and the study has shown that a combination of one-time passwords and graphics can provide this. The solution is also low cost compared to token-based, multi-factor systems that call for expensive hardware devices.

The team is planning more tests to determine the long-term effectiveness of GOTPass, along with more detailed usability aspects.

Featured image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Lester Coleman

Lester Coleman

Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.

There are no comments.

View Comments (0) ...
Navigation
The team:
Dmitriy Lavrov
Analyst
Dmitriy Lavrov is a professional trader, technical analyst and money manager with 10 years of trading experience. He covers Forex, Commodities and Cryptocurrencies. He is among the top 10 most Read More
Jonas Borchgrevink
Founder
Jonas Borchgrevink is the founder of Hacked.com and CryptoCoinsNews.com. He is a serial entrepreneur, trader and investor. He shares his own personal journey on Hacked.com. // -- Discuss and ask Read More
Mate Csar
Analyst
Trader and financial analyst, with 10 years of experience in the field. An expert in technical analysis and risk management, but also an avid practitioner of value investment and passive Read More
Mati Greenspan
Analyst
Senior Market Analyst at Etoro.com. // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Important: Never invest Read More
Rakesh Upadhyay
Analyst
Rakesh Upadhyay is a Technical Analyst and Portfolio Consultant for The Summit Group. He has more than a decade of experience as a private trader. His philosophy is to use Read More
Pamela Meropiali
Account Manager
Pamela Meropiali is responsible for users on Hacked.com. // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Read More
Joseph Young
Journalist
Joseph Young is a finance and tech journalist & analyst based in Hong Kong. He has worked with leading media and news agencies in the technology and finance industries, offering Read More
A bash injection, also called shell injection or command injection…