Sign In

Communications of the ACM

ACM TechNews

Why We Should Not Know Our Own Passwords

Typing in login information.

There is active research transpiring in the area of unknowable password development.


There is active research transpiring in the area of unknowable password development, with Elon University professor Megan Squire citing several notable projects.

Researchers at California State Polytechnic University in 2016 proposed a solution that measures a person's unique brain chemistry response while listening to their choice of soothing music. Squire notes this biometric response is incorporated into the user's login process. If a user is under stress, they cannot relax enough to match their previously measured "chill" state, and the login will not go through.

Meanwhile, Google's Project Abacus proposes replacing the traditional password with a Trust Score, a proprietary blend of identifiable characteristics determined by Google. The score includes biometric factors such as typing patterns, walking speed, voice patterns, and facial expressions.

"If the Trust Score falls below a certain threshold, say by observing a strange typing pattern or an unfamiliar location, the system will require the user to enter additional authentication credentials," Squire says.

From The Conversation
View Full Article


Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA


No entries found

Read CACM in a free mobile app!
Access the latest issue, plus archived issues and more
ACM Logo
  • ACM CACM apps available for iPad, iPhone and iPod Touch, and Android platforms
  • ACM Digital Library apps available for iOS, Android, and Windows devices
  • Download an app and sign in to it with your ACM Web Account
Find the app for your mobile device