Sign In

Communications of the ACM

ACM TechNews

Bypassing the Password

View as: Print Mobile App Share:
arrows pointing to different keyboard keys

Credit: The New York Times

The U.S. Defense Advanced Research Projects Agency (DARPA) wants to develop an alternative to computer passwords that would confirm a user's identity by the way he or she types on a keyboard. "What I'd like to do is move to a world where you sit down at a console, you identify yourself, and you just start working, and the authentication happens in the background, invisible to you, while you continue to do your work without interruptions," says DARPA's Richard Guidorizzi.

Various research efforts are underway to authenticate users by the way they operate a computer. For example, Carnegie Mellon University professor Roy Maxion is researching keystroke dynamics, including the length of time a user holds down a given key and moves from one particular key to another. Pace University professor Charles Tappert has developed software that analyzes the distinctive patterns of keyboard pressure and can accurately confirm the identity of a test taker in 99.5 percent of cases. Columbia University professor Salvatore J. Stolfo has developed software that uses a decoy document designed to lure and catch intruders. When a decoy file is opened, the system software checks to see whether the user has conducted file searches on the computer that fit the expected search pattern. If there is no close match, the system sets off an alarm and asks the user for an identity confirmation.

From The New York Times
View Full Article


Abstracts Copyright © 2012 Information Inc., Bethesda, Maryland, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account