Hi frenzz m back.....
One of the most famous, even cooks and housewives, the concepts of information security is a password on the strength of which often depends on all the security barriers - domestic, banking, corporate and other. Of course the theoretical IB has long been known that the strength of a password depends on the information entropy. What is a random set of characters (in different registers, different alphabets, numerals and special characters ...), the more secure password, the harder it is to remember. Any attempt to make your password memorable lead to a decrease in entropy and predictability of the password. Character passwords mnemonic passwords, graphical passwords ... And now it's time for music passwords.
British experts (not to be confused with the British scientists) - Marcia Gibson, Karen Renaud, Mark Conrad and Carsten Maple (such an idea could only come from the women ;-) Berdforshira University, analyzed the existing methods for selecting passwords and came to the conclusion that the traditional character passwords are ineffective and their replacement of hardware tokens and biometrics are not always appropriate and not always available, both financial and technical reasons. Visual or graphical passwords (the choice of pictures from the set, an indication of a particular place in the picture, the sequence of movements) are a good substitute, since According to psychologists, the human brain remembers it better than the graphic images of the semantic or syntactic.
Another channel that has a higher "reliability" rather than memorization of characters is music. It "works" on a deeper level than even the images, and more resistant to interference. The researchers analyzed the various uses of music as a password and created a prototype system Musipass, which implemented the findings. In particular:
• better to give users the option of the existing music videos (cuts), and do not give them the ability to upload your own (many well-known and easily predictable music)• Use the best-known tunes than the unknown (although it reduces the set of possible combinations)• a sufficient length of melody notes 6.3 (remember, the transfer of "Name That Tune")• Music must be rhythmic• Music with vocals remembered better than instrumental compositions• well-remembered sound anchor (bright and catchy instrumental or vocal parts).
The most interesting results of the tests Musipass. Memorability and musical character passwords at the first attempt to use the system about the same - within the statistical error. After a musical performance using passwords increases and exceeds the memorability of the password character by 48% (91% vs. 62%). But there are interesting effects on a password scheme. It is the most "close" generation "to 35", which is understandable. The older generation predochitaet usual, more familiar to them passwords.
Overall, quite an interesting study. And a new one. The first mention of this topic appeared in the 2008-2009-m, respectively. So wait for its active implementation in the near future, probably not worth it. But the fact that researchers are not standing still and looking for new solutions to known problems, it is interesting.
One of the most famous, even cooks and housewives, the concepts of information security is a password on the strength of which often depends on all the security barriers - domestic, banking, corporate and other. Of course the theoretical IB has long been known that the strength of a password depends on the information entropy. What is a random set of characters (in different registers, different alphabets, numerals and special characters ...), the more secure password, the harder it is to remember. Any attempt to make your password memorable lead to a decrease in entropy and predictability of the password. Character passwords mnemonic passwords, graphical passwords ... And now it's time for music passwords.
British experts (not to be confused with the British scientists) - Marcia Gibson, Karen Renaud, Mark Conrad and Carsten Maple (such an idea could only come from the women ;-) Berdforshira University, analyzed the existing methods for selecting passwords and came to the conclusion that the traditional character passwords are ineffective and their replacement of hardware tokens and biometrics are not always appropriate and not always available, both financial and technical reasons. Visual or graphical passwords (the choice of pictures from the set, an indication of a particular place in the picture, the sequence of movements) are a good substitute, since According to psychologists, the human brain remembers it better than the graphic images of the semantic or syntactic.
Another channel that has a higher "reliability" rather than memorization of characters is music. It "works" on a deeper level than even the images, and more resistant to interference. The researchers analyzed the various uses of music as a password and created a prototype system Musipass, which implemented the findings. In particular:
• better to give users the option of the existing music videos (cuts), and do not give them the ability to upload your own (many well-known and easily predictable music)• Use the best-known tunes than the unknown (although it reduces the set of possible combinations)• a sufficient length of melody notes 6.3 (remember, the transfer of "Name That Tune")• Music must be rhythmic• Music with vocals remembered better than instrumental compositions• well-remembered sound anchor (bright and catchy instrumental or vocal parts).
The most interesting results of the tests Musipass. Memorability and musical character passwords at the first attempt to use the system about the same - within the statistical error. After a musical performance using passwords increases and exceeds the memorability of the password character by 48% (91% vs. 62%). But there are interesting effects on a password scheme. It is the most "close" generation "to 35", which is understandable. The older generation predochitaet usual, more familiar to them passwords.
Overall, quite an interesting study. And a new one. The first mention of this topic appeared in the 2008-2009-m, respectively. So wait for its active implementation in the near future, probably not worth it. But the fact that researchers are not standing still and looking for new solutions to known problems, it is interesting.
0 comments:
Post a Comment