21 February, 2009 § Leave a comment
As part of my research in Computer and Network Security, I am looking in to how we can make simple password protocols more secure without making the login process harder for the user. I have written a background study on previous research that has looked at this problem. Below is an excerpt, and at the bottom of the post you will find a link to my full background survey. Leave a comment and let me know what you think.
The most well-known and accepted way to authenticate users in computer systems deals with entering a username and password. Other authentication techniques include the introduction of the user’s physical features (e. g. retinal or fingerprint scans) or requiring the user to have a special piece of hardware in their possession .
These added burdens that are placed on the user make software less usable and may even lead to users not locking their system down as often to avoid a lengthy login process. These systems are put in place for security, yet poor usability may actually lead worse overall security.
One way to solve this problem is to continue to let users simply use their username and password to log in to their system. Previous research has shown that the same factors that make written signatures unique are found in a user’s typing pattern . Meta information can be obtained about how the user enters this information to add another level of security to the authentication protocol, thus increasing security without affecting usability.
For more information and to read the rest of my background survey, you can read the PDF: Background Survey on Keyboard Biometrics