New York, US: Between super-powered hacker computers and keystroke recording malware, traditional passwords may no longer be secure enough. To overcome these problems, computer scientist Bill Cheswick has devised a new method for logging into secure areas: clicking on a map.
Speaking at the New York Institute of Technology Cyber Security Conference, Cheswick described how users could memorise the exact spot on a satellite photo, with the longitude and latitude serving as the access code. By zooming down through the map to the high level of resolution, users can graphically produce a nearly unbreakable password that neither people nor viruses could track.
“The key idea is that you have a data set with very deep data, and you have to drill down. You could drill down on a map of anything. Probably better if it’s a map of some place you’ve never been, so you’re not tempted to pick your childhood home,” said Cheswick, a scientist at AT&T research. “You could choose a 10-digit latitude, and a 10-digit longitude, then you have a 20-digit password.”
Computer security protocols that involve clicking on a picture instead of typing a password have existed for 15 years. While clicking on a photo does defeat hacking programmes that use dictionaries to break passwords, specially designed programmes have evolved over the last decade that track mouse location specifically to break picture-based passwords.
By using a map with zoom, this new method renders those mouse-tracking programmes useless. Sure, the virus will know where the mouse clicks, but unless it knows what map the user is looking at and how deeply zoomed in they are, the hacking programme can’t record the longitude and latitude that serve as the password.