Facebook PixelWhat are better alternatives to using a password to log in?
Brainstorming
Brainstorming
Create newCreate new
EverythingEverything
Sessions onlySessions only
Ideas onlyIdeas only
Brainstorming session

What are better alternatives to using a password to log in?

Image credit: Photo by Pixabay from pexels.com

Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni Oct 30, 2020
10
Creative contributions

Pixel compartmentalization

Loading...
Anja M
Anja M Nov 02, 2020
Loading...
Povilas S
Povilas S4 months ago
So this is basically and updated version of what already exists as a password alternative on most smartphones, giving some more freedom to create and adjust things yourself:)
Loading...
Anja M
Anja M4 months ago
Povilas S Yes, that is correct. I think we occasionally easily dismiss these rather simple solutions, but in fact a bit of an update could make them even more difficult for cracking than it seems.
Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni4 months ago
I like the idea (if I have understood it correctly; I could not read the text in the images). I get the first part. In the second one, you intend to draw lines to divide the screen into irregular shapes? So, is the password drawing the lines or tapping the shapes made by the lines in a specific order? In any case, it is a good idea. The only disadvantage I see is remembering the order or the pattern.

Use fingerprint combinations

Loading...
J
Juran Oct 31, 2020

Face recognition with blink patterns

Loading...
J
Juran Oct 31, 2020

Security in a Nutshell

Loading...
TM
Tony Maniaci Feb 07, 2021
Loading...
Darko Savic
Darko Savic18 days ago
Similar solutions are used with crypto wallets (Mycelium, Samurai, Keepkey) however they don't scramble as you type. Instead, they display the numbers in a different/unique sequence every time before you begin.
Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni18 days ago
I see a decent amount of retailers using card machines that scramble the numbers every time you begin entering the pin. Scrambling the numbers after entering every digit seems like an added layer of protection. Thank you, Tony Maniaci !

What are the disadvantages of using finger impressions?

Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni Oct 30, 2020
Loading...
TM
Tony Maniacia day ago
Fingerprint recognition is already a highly evolved technology. Current state-of-the-art leans mostly on capacitive touch. This method is inexpensive, compact, easy to implement, and is used widely in security devices. Essentially this is a 2D pattern translated into a coordinate point matrix dataset. Other enhancing technologies are added for higher levels of security: a. Infrared imaging to map underlying bio-structure like circulatory structure. b. 3D image scanning to not only map the ridge surface pattern, but the three-dimensional characteristics of the ridge patterns. c. Life detection, active pulse/circulatory monitoring techniques. d. Advanced haptic or active response mapping.

Other biometric methods have parallel degrees of complexity, speed and cost.

Computing power, response time and memory allocation are the limiting factor in biometrics. Clearly, the more data you gather, the greater the dataset size for a given identity stored. This translates to slower response and greater computing power to resolve an identity. For the casual user, if the identity is not resolved in well under 1 second, there tends to be a high level of frustration from the latency. The typical target is to process and respond to a biometric scan in less than 500 milliseconds (1/2 second).

So, there is a huge trade-off decision when selecting biometric security options. Fast and easy represents low security -or- considerable computing power and memory allocation. High security is therefore far more expensive to manage with higher resolution pattern complexity, and mapping additional sensor capabilities, so it places a burden to process and authenticate very quickly.

Overlapping all of this is the general problem with consistency of the subject’s identity feature set. Fingerprints are obscured by injury and wear, images are altered by makeup, injury or just a bad day after a bender. Sensors are fouled by environmental exposure and handling. In general, the biometric landscape is always highly dynamic and unpredictably changing, making precision detection far more difficult. Better security always results in higher rates of rejection.

In the end, any time the User has the opportunity to dumb-down the sensitivity, they tend to turn the controls parameters down to the minimum. The User will always trade off security for convenience. High reject rates due to precision requirements aggravates users. In safe lock technology, we provide a graduated detection precision. In every single case, the client/administrator selects the lowest security setpoint available to accommodate user complaints - without exception.

Our immersive gadget obsession has established that devices work for the convenience of the user and dismiss any security trade-offs. So, we can talk about advancing various forms of biometric security, but in reality, the debate is more about the computing power, memory and how much security you can cram into a 400 millisecond processing burst.

Loading...
J
Juran4 months ago
I was thinking about the impression (3D fingerprint) a bit and I unfortunately think it is not novel.

Already in 2011 there was a paper suggesting the usage of infrared technology to detect the position of finger veins and fingerprint geometry using near infrared imaging (https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3231585/).
Then, if you check the Apple Touch ID technology, it works in a way that it passes a small current through person's epiderms, recording the fingerprint. It makes mathematical representations of your fingerprint, which improves with usage. It sounds like hardcore 3D-imaging already.
Recently, Apple apparently started working on a new technology that would produce shortwave infrared light and make a fingerprint 3D representation using the reflected light (https://gadgets.ndtv.com/mobiles/news/apple-in-display-infrared-fingerprint-scanner-patent-us-iphone-ipad-touch-face-id-2320521). They describe that that is the usual way how infrared sensor works, ut now it will be an in-display feature.

I also commented below that it would be nice to develop a small sonar to detect 3D surface of a fingerprint, but it is already there. There is a paper from 2019 reviewing the ultrasound technology which can already compete with other biometric methods, because of its advantages in the 3D surface detection accuracy (https://pubmed.ncbi.nlm.nih.gov/31137504/).
Also, in the article about infrared fingerprint scanning referenced above, authors also refer to ultrasonic technology that detects ridges and valleys of the fingerprint using sounds and is already present in Samsung Galaxy S10 and S20 series.

So, this (https://www.samsung.com/global/galaxy/what-is/ultrasonic-fingerprint/) is maybe the best representation of your idea about impressions (if I got it right).
Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni4 months ago
One password (impression) to unlock them all (apps): Imagine your phone has an impression lock. Once you unlock your phone, all your apps get unlocked and you can use them. There can be a backup password. If someone uses your password and unlocks the phone, they cannot access any of your apps. Apps need the impression to unlock.

Combine face recognition with fingerprints

Loading...
J
Juran Oct 31, 2020
Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni4 months ago
Face recognition is laden with opportunities to clone. The attributes of humans that leave a memory easily are easy to imitate. What I mean by that is, for example, your face can be remembered by others, they can capture an image using a camera and that is the memory that stays. It can be modified and used to crack your account keys. That is why I thought of impressions. Impressions leave no kind of memories, at least, today. A photo, again today, cannot be that highly resolved to measure the undulations on one's finger. Even if we touch a surface, we leave behind a print but not an impression.
Loading...
J
Juran4 months ago
Shubhankar Kulkarni I am not sure I understand what you mean by impressions. How would you record an impression?
Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni4 months ago
Juran K. Just like an electron microscope recording the surface pattern of a bacterium. Fingers leave a fingerprint since there undulations on the skin surface. The impression is the data on not just the print pattern but also the surface properties (depth of the trough, breadth of the ridges, size and depth of the pores, etc.) (https://www.google.com/search?q=finger+print+parts&sxsrf=ALeKk03CR4dT-5HakfDYNq4II6l6LsJ0HQ:1604319563776&tbm=isch&source=iu&ictx=1&fir=uK8Aw7UbdK942M%252CTyEWF_QAZPrIzM%252C_&vet=1&usg=AI4_-kQ9VDPdZLySfXhWyK8RtSJ6dvaspw&sa=X&ved=2ahUKEwiV0NGN7OPsAhXq4nMBHTFGAVkQ9QF6BAgIEEU&biw=1517&bih=666#imgrc=uK8Aw7UbdK942M).

There are different techniques that can be used:
https://www.optex-fa.com/products/photo_sensor/bgs/bgs_dl/
https://www.nature.com/articles/srep23551

Use regular "digit passwords" with fingerprint as a character

Loading...
J
Juran Oct 31, 2020
Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni4 months ago
I like the idea of adding another dimension (digits, fingerprints, impressions, etc.) to the password. It increases the complexity multi-fold since now we can play around with it - just like you mentioned, there can be a specific order in which you can use the digits and implant voice/ fingerprints/ impressions among the digits. Fingerprints can be imitated more easily than impressions; hence, I am more inclined to add impressions to the password. The only other problem I see using this is remembering the password. Although with multiple dimensions, even easy passwords would be hard to guess; so that is a plus.

What about using "vocal passwords "?

Loading...
Antonio Carusillo
Antonio Carusillo Nov 01, 2020
Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni4 months ago
Voice, according to me, is pretty easy to record and copy. You can record while the other person is talking (in person, over the phone, live video-chat) anywhere and everywhere when the person talks. There are AI based tools that can imitate your tone from the lowest number of possible recorded words. So when the system asks you to say a randomly generated key phrase, the machine can, possibly, use your voice and say the phrase. For exampl, they proclaim that you can clone a voice within 5 seconds using this device (https://medium.com/syncedreview/clone-a-voice-in-five-seconds-with-this-ai-toolbox-f3f116b11281#:~:text=Montreal%2Dbased%20AI%20startup%20Lyrebird,only%20a%20few%20audio%20samples.).

A question bank full of personal questions

Loading...
Jamila
Jamila Nov 03, 2020

Fingerprint + finger veins (in 3D)

Loading...
J
Juran Nov 04, 2020

[1]https://www.gizmochina.com/2020/09/30/smartphones-new-3d-biometric-scan-finger-veins/

Add your creative contribution

0 / 200

Added via the text editor

Sign up or

or

Guest sign up

* Indicates a required field

By using this platform you agree to our terms of service and privacy policy.

General comments

Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni4 months ago
I initially thought of quick blood (DNA) test, but:
1. It is hard to make it "quick".
2. I remembered a scene from the movie GATTACA where they attach a small blood bag from a different source under a fake thumb skin. The blood from that bag gets tested instead of the person who is wearing the fake skin. So there is already a way around it.
Also, acquiring someone else's blood is easier given the growing number of blood tests we do and also due to blood donation.
Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni4 months ago
1. The same goes for retinal scanners. Lenses can be used to mimic other's retina.
2. Face? - We all know how easily that can be changed.
Loading...
Martina Pesce
Martina Pesce4 months ago
Shubhankar Kulkarni you literally wrote what I was thinking! 😂
Loading...
Shubhankar Kulkarni
Shubhankar Kulkarni4 months ago
Martina Pesce DNA is the most personal you can get. 😁 I started from that and then went downward.
Loading...
Povilas S
Povilas S4 months ago
Shubhankar Kulkarni The ultimate conclusion - everything can be hacked and there's no way around it :D There's another movie "Minority Report" where the protagonist transplanted his eyes for the same reason. That's about as hardcore as you can get :D