Future online password could be a map

[meckl]

Future online password could be a map

Researcher says it would elude hackers' keystroke recording software



NEW YORK — Between super-powered hacker computers and keystroke recording malware, traditional passwords may no longer be secure enough. To overcome these problems, computer scientist Bill Cheswick has devised a new method for logging into secure areas: clicking on a map.

Speaking at the New York Institute of Technology Cyber Security Conference this past Wednesday, Cheswick described how users could memorize the exact spot on a satellite photo, with the longitude and latitude serving as the access code. By zooming down through the map to the high level of resolution, users can graphically produce a nearly unbreakable password that neither people nor viruses could track.

“The key idea is that you have a data set with very deep data, and you have to drill down. You could drill down on a map of anything. Probably better if it’s a map of someplace you’ve never been, so you’re not tempted to pick your childhood home,” said Cheswick, a scientists at AT&T research. “You could have a 10 digit latitude, and a 10-digit longitude, then you have a 20-digit password.”

Computer security protocols that involve clicking on a picture instead of typing a password have existed for 15 years. While clicking on a photo does defeat hacking programs that use dictionaries to break passwords, specially designed programs have evolved over the last decade that track mouse location specifically to break picture-based passwords.

By using a map with zoom, this new method renders those mouse-tracking programs useless. Sure, the virus will know where the mouse clicks, but unless it knows what map the user is looking at, and how deeply zoomed in they are, the hacking program can’t record the longitude and latitude that serve as the password.

To date, Cheswick has not done any usability studies on this technique, so he’s unsure whether or not it is easy enough for use by the general public. However, with threat of password cracking hackers increasing by the day, convenience of use may have to take a back seat to security.

Quelle: msnbc.msn.com

[wacked]

Ich habe jetzt keine ahnung wie genau die Bilder von den google servern geladen werden. Wir tuen mal so als wäre es

http://pictures.maps.google.com/?lon...654315&zoom=10

Dann müßte man nur diese URL loggen und kann dann mit der größe der karte im fenster und der mausposition längen & breitengrad berechen.

kthxbai

[shoei]

aha, ich bleib bei den alten passwörtern D:

[v0Dka.]

dan reicht doch ein screenshot mit dem breiten grad usw.. zoomfaktor schon ist man drinn oder wie ? .. und auserdem für jede seite dann auf ner blöden mappe etwas suchen finde ich doch etwas blöd...

naja ich durchschaue den sinn vielleicht nicht zu 100%..

[SFX]

der Sinn wäre dass es mehr mögliche Punkt auf der Erde gibt als Kombinationen bei einem standard Passwort mit 6 Zeichen..