Pentagon's way-out research arm DARPA is looking to invent a way to secure passwords without the need to type them. The agency is working on a software applications to let computers authenticate a user by the way types. Well, typing passwords will no longer be needed; just your typing style alone will be your password in the future.
Every person has his own style for keystrokes, the speed, dynamism and everything in typing differs for person to person, hence, the idea of authenticating a user with a look into the typing style is wonderful. Users can just start working on their computer as the system will identify them in the background, says Richard Guidorizzi, product manager at DARPA.
The only motive to develop a keystroke based authentication system is the increased concern over password security. Fraudsters constantly work round the clock to break into confidential data of user, thus, DARPA's ultra-secure facility for passwords seems a cool alternative considering its lined in to do away with passwords altogether. Investigating into the exclusive keystroke dynamics of a user, it is quite easy to distinguish his/her identity, says Roy Maxion, a research professor at Carnegie Mellon University.
Different from the traditional log-in authentication process, this behavioral system requires constant monitoring. Well, in the first case, users get into their mails or other accounts via entry of password to the log-in columns. But, the new technology wants people to wait for a while as the device requires sometime to recognize the user, which of course is a major shortcoming of DARPA's technology as of now.
Eye-Lock: iris-scanning for passwords
Developed by New York based biometric security firm Hoyos Group, Eye Lock is in form of a USB drive, the device has to be connected with a PC via USB port, and on showing your eye to the wand-like scanner, it will decode your unique identification to access to any of your online IDs. The device scans user's iris to create a unique numerical key, which will change every time one logs in to his account. This means there is no possibility of a password hack. It steps up online security manifold, says Tracy Hoyos, Hoyos Group’s assistant marketing director.
Mozilla intends to make passwords a thing of the past
Mozilla's BrowserID is a new experimental project that simplifies the sign-in process for websites, eliminating the necessity of passwords which was the only way to guarantee privacy. With BrowserID, there is no requirement of passwords or the sign-up/verification processes to enter any website. Through an email address associated with BrowserID, users can sign in to websites easily with no further demands for identity proof. The project utilizes the users’ email address to substitute the login details. The procedure is very simple. A user logs in to a website but instead of entering the site-specific password, BrowserID intercepts the request and asks to select any one of the email addresses through which the user’s identity can be authenticated. It is only for a single time that the user is required to verify his/her email addresses after which the BrowserID service uses crypto keys attached to the email address to verify that it is indeed the owner trying to enter the account.