5 May 2015

Creating a Pattern for Authentication

We all use patterns to create passwords and have our own ‘unique’ formulas that we hope will keep us secure and able to remember them. So, I was not surprised to read a story on TechWeekEurope in which Praetorian had reported that half of users’ passwords follow just 13 structures.

What did shock me thought is that there were as many as 13. How many of you use the tried and tested pattern for creating a password that begins with a capital letter at the start of a memorable word, followed by a memorable number and ending in an exclamation mark? My guess is that it is the majority of you!

It may seem to make sense that fewer structures inevitably make it easier for hackers to decipher passwords and therefore organisations should have policies for ‘strong’ passwords enforced upon them to avoid the obvious, and make it harder. However, the fact of the matter is even if there were double, quadruple or even ten times the number of structures being used, all it would do to a determined cybercriminal is slow them down a little, forcing them to use a wider variety of tools and tactics in their arsenal. It certainly would not stop or deter them.

My answer to the problem is simple. If people like using patterns to create passwords and those passwords are not secure, then remove the password from the equation altogether and use the pattern. This the foundation upon which PINgrid is based.

Of course, the obvious question to ask is what is to stop the professional cybercriminal or opportunist from simply guessing, or identifying patterns? After all, surely that is easier that passwords! So, here is the clever part. Unlike passwords the user never discloses the pattern that they have chosen. 



Using PINgrid, when the user logs in they simply type in the numbers (0-5 digits used in the grid) displayed in their memorable pattern. And, because these numbers are constantly changing it creates a huge range of possibilities. So, in a standard 6x6 configuration, PINgrid provides 2.1 billion unique pattern possibilities, scale that up to 8x8 (0-7 digits used in the grid) and the number grows to an incredible 68.7 billion.

Author: Alissa Lang, Winfrasoft


1 comment:

  1. Nowadays, many cloud storage vendors are using advance data encryption techniques, antivirus scanning procedures, data backup techniques, and other security solutions that a personal computing environment cannot offer. By keeping important data in the cloud, you can save it from all the major threats such as environmental threats, unauthorized users, technical failures and malicious software.
    best data rooms

    ReplyDelete