Our Expanded Password System “Mnemonic Guard”, with which we can make use of episodic image memory in addition to textual memory, can be viewed as an enhanced successor to text-only password systems on its own.

Furthermore, the Expanded Password System will enable truly powerful multi-factor authentication, with a strong unique password used as one of the factors for all our different accounts, whether indoor or outdoor.

With the Expanded Password System used as a rescue password in case of false rejection, biometric solutions will offer good convenience without sacrificing confidentiality. We would also be able to see truly reliable decentralized ID federations, with a strong unique password used as the master password for each single-sign-on service and password management tool. The outcome will be the most highly assured identity, achieved through the most reliable “shared secrets”.

The Expanded Password System is inclusive of textual as well as non-textual passwords. Users can retain their textual passwords as before while they expand their password memory to include non-textual passwords, without being impeded by the cognitive effect of “interference of memory”. It is extremely difficult to imagine users who would suffer disadvantage or inconvenience by taking up the Expanded Password System.
Outline of Mnemonicguard
Mnemonic Guard: Pioneer of Expanded Password System
2015/05/28
Password On Media #17
Below are some of the latest media articles about password problems and my comments on them.
- Authentication Advances May Finally Kill Passwords and PINs
“banks are finally replacing old and not-so-reliable methods of authenticating customers — passwords and security questions — with sophisticated alternatives.”
My comment: In a world where we live without passwords or PINs, say, where our identity is established without our volitional participation, we would be able to have a safe sleep only when we are alone in a firmly locked room. Is this what we want?
Posted below relating to this topic is a slide “Death to Password?”
- NTT DoCoMo offering password replacement on some services
“NTT DoCoMo said it plans to be the first mobile operator to integrate online services and smartphones that support biometric authentication based on protocols developed by the FIDO Alliance.”
My comment: FIDO is sadly promoting biometrics in a wrong manner.

Biometric authentication could be a candidate for displacing the password if and when (and only if and when) it has stopped depending on a password registered in case of false rejection, while keeping near-zero false acceptance.

We could be certain that biometrics would help for better security only when it is operated together with another factor by AND/conjunction (we need to go through both of the two), not when operated with another factor by OR/disjunction (we need only go through either one of the two), as in the cases of Touch ID and many other biometric products on the market that require a backup/fallback password; these only increase convenience by bringing down security.

In short, biometric solutions could be recommended to people who want convenience, but should not be recommended to those who need security.

Below is a brief slide titled “Password-Dependent Password-Killer” posted with respect to this theme.
2015/02/08
Password On Media #16
Below are some of the latest media articles about password problems and my comments on them.
- Passé words
“PIN—a solution that borders on password territory, but that is more easily remembered”
My Comment: It seems that there are some misperceptions in either The Economist’s article or what FIDO says.

1. PIN vs Password: Many people take it for granted that a PIN is easier to remember than an alphanumeric password because it is simpler. The fact is, however, that a PIN, a numbers-only short password, is even more subject to interference of memory exactly because it is simpler, that is, it contains less information, which gets the user confused more easily and more badly than a longer alphanumeric password. It is, therefore, more difficult for us to eliminate its reuse across many accounts. You can consult your own experience.

2. PKI: The PKI software and the private key stored on a token or phone can effectively prove the identity of the token or phone, but not the identity of the person who is holding the token or phone. Tokens and phones are easily left behind, lost, stolen and abused. Then the password would be the last resort. A truly reliable 2/multi-factor solution needed for important accounts requires the use of the most reliable password.

3. BIOMETRICS: The sort of threats that can be thwarted by biometric products operated together with fallback/backup passwords, as in the case of Apple's Touch ID and most of the biometric products on the market, can be thwarted more securely by passwords only. What biometrics operated this way can achieve is better convenience, not better security.

4. Password’s Death: Some people shout that the password is dead or should be killed dead. The password could be killed, however, only when there is an alternative to the password. Something belonging to the password (PIN, passphrase, etc.) and something dependent on the password (ID federations, 2/multi-factor, etc.) cannot be the alternative to the password. Neither can something that has to be used together with the password for either convenience or security (biometrics, auto-login, etc.).

Anyway, it is too obvious that the conventional alphanumeric password alone can no longer sustain the demand and we urgently need a successor to it, which should be found from among the broader family of passwords and the like.

At the root of the password headache is the cognitive phenomenon called “interference of memory”, by which we cannot firmly remember more than 5 text passwords on average. What worries us is not the password, but the textual password. Textual memory is just a small part of what we remember. We could think of making use of the larger part of our memory that is less subject to interference of memory. More attention could be paid to the efforts of expanding the password system to include images in addition to characters.
2014/12/12
Password On Media #15
Below are some of the latest media articles about password problems and my comments on them.
- FIDO Alliance releases 1.0 specifications for passwordless authentication
My Comment: Many people shout that the password is dead or should be killed dead. The password could be killed, however, only when there is an alternative to the password. Something belonging to the password (PIN, passphrase, etc.) and something dependent on the password (ID federations, 2/multi-factor, etc.) cannot be the alternative to the password. Neither can something that has to be used together with the password (biometrics, auto-login, etc.). What could be killed is the text password, not the password.

FIDO is expected to make sure that the vendors of biometric products operated together with passwords by OR/disjunction (as against AND/conjunction, which is common for 2-factor authentication) explicitly publicize that

(A) The biometric product raises convenience at the sacrifice of security when the user keeps using the same password, and

(B) The biometric product could raise convenience without sacrificing security when the user changes the password to a largely harder-to-break password (with a footnote that the password should be remembered, not carried around on a memo, and that the password should not be reused across other accounts).

It should be noted that it is not possible to compare the strength of biometrics with that of passwords. There are no objective data about the overall vulnerability of biometric solutions (not just the false acceptance rate when false rejection is sufficiently low, but also the risk of forgery of body features and the risk of use while the user is unconscious or asleep) or of passwords (not only that their strength may be as low as 10 bits or as high as 100 bits, but also that they can be stolen and leaked).

It will hopefully not take long before FIDO people become aware that at the root of the password headache is the cognitive phenomenon called “interference of memory”, by which we cannot firmly remember more than 5 text passwords on average.

What worries us is not the password, but the textual password. Textual memory is only a small part of what we remember. We could think of making use of the larger part of our memory that is less subject to interference of memory. More attention could be paid to the efforts of expanding the password system to include images, particularly KNOWN images, as well as conventional texts.

Most humans are thousands of times better at dealing with image memories than text memories. The former dates back hundreds of millions of years, while the latter's history is less than a fraction of that.

I wonder what merit there is in confining ourselves to the narrow corridor of text memories when CPUs are fast enough, bandwidth broad enough, memory storage cheap enough, and cameras are built into mobile devices.
2014/11/20
False Sense of Security
It is very worrying to see so many ICT people being indifferent to the difference between AND/conjunction and OR/disjunction when talking about “two factors used together”.

Biometrics can theoretically be operated together with passwords in two ways: (1) by AND/conjunction or (2) by OR/disjunction. Biometric products operated by (1) are unknown. The users of such products must have been notified that, when falsely rejected by the biometric sensors with the devices finally locked, they would have to see the devices reset. It is the same with biometrics operated without passwords altogether.

Biometric products like Apple's Touch ID are generally operated by (2), so that users can unlock the devices by password when falsely rejected by the biometric sensors. This means that the overall vulnerability of the product is the combination of the vulnerability of biometrics (x) and that of a password (y). The combined vulnerability (x + y - xy) is necessarily larger than the vulnerability of a password (y), that is, devices with Touch ID and other biometric sensors are less secure than devices protected only by the password.
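As an added illustration (not part of the blog post), here is the AND-versus-OR arithmetic from the paragraph above, and from points (A) and (B) in the #15 entry, written out as code. The model is an assumption of this example: x is the probability that an attacker passes the biometric, y the probability of passing the password, and the two are treated as independent. Under OR/disjunction the bypass probability is x + y - xy as stated above; under AND/conjunction it is xy. The script also works out how much a user's password must improve for the OR combination to be no weaker than the old password alone, and converts a password's strength in bits into a bypass probability for a given number of guesses. All numbers are constructed illustrations, not measured rates of any product.

```python
"""Added example (not from the Mnemonic Guard blog): compose two
authentication factors by AND/conjunction and OR/disjunction and compare the
resulting bypass probability with a password used alone.

Model (an assumption of this example): x is the probability that an attacker
passes the biometric, y the probability of passing the password, the two
being independent. Under OR either factor alone unlocks (the fallback design
the blog attributes to Touch ID); under AND both must be passed.
"""


def _check_probability(p: float, name: str) -> None:
    """Reject values outside [0, 1]; the formulas assume probabilities."""
    if not 0.0 <= p <= 1.0:
        raise ValueError(f"{name} must be in [0, 1], got {p!r}")


def or_vulnerability(x: float, y: float) -> float:
    """P(bypass) when passing EITHER factor unlocks: x + y - x*y.

    This is P(A or B) for independent events; it is never below max(x, y).
    """
    _check_probability(x, "x")
    _check_probability(y, "y")
    return x + y - x * y


def and_vulnerability(x: float, y: float) -> float:
    """P(bypass) when BOTH factors must be passed: x*y, never above min(x, y)."""
    _check_probability(x, "x")
    _check_probability(y, "y")
    return x * y


def password_vulnerability_from_bits(strength_bits: float, guesses: int) -> float:
    """Bypass probability of a password of the given strength in bits against
    an attacker allowed `guesses` attempts (uniform guessing, capped at 1.0)."""
    if strength_bits < 0 or guesses < 0:
        raise ValueError("strength_bits and guesses must be non-negative")
    return min(1.0, guesses / 2.0 ** strength_bits)


def strongest_password_needed(x: float, y_old: float):
    """Largest password bypass probability y_new such that biometric-OR-password
    is no weaker than the old password alone, i.e. x + y_new - x*y_new <= y_old.

    Solving gives y_new <= (y_old - x) / (1 - x). Returns None when x > y_old:
    no password, however strong, brings the OR combination back to y_old,
    because the biometric path alone already exceeds it.
    """
    _check_probability(x, "x")
    _check_probability(y_old, "y_old")
    if x >= 1.0 or x > y_old:
        return None
    return (y_old - x) / (1.0 - x)


def compare(x: float, y: float) -> dict:
    """Summarise the three configurations the blog contrasts."""
    return {
        "password_only": y,
        "biometric_or_password": or_vulnerability(x, y),
        "biometric_and_password": and_vulnerability(x, y),
        "or_is_weaker_than_password_only": or_vulnerability(x, y) > y,
        "and_is_stronger_than_password_only": and_vulnerability(x, y) < y,
    }


if __name__ == "__main__":
    # Constructed illustrative values, not measured rates of any product.
    x = 0.01                                         # biometric bypass probability
    y = password_vulnerability_from_bits(10, 100)    # weak 10-bit password, 100 guesses
    for key, value in compare(x, y).items():
        print(f"{key:36s} {value}")
    print("max y_new keeping OR at the old level:", strongest_password_needed(x, y))
```

With the constructed values above, the OR combination comes out above the password alone and the AND combination below it, which is the whole of the blog's point; `strongest_password_needed` shows that point (B) is only achievable when the biometric's own bypass probability is already below that of the old password.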
What makes us nervous is the possibility of seeing a picture in which many consumers, trapped in a false sense of security, pile up their assets and privacy in cyberspace while criminal wolves, who are aware that those consumers are now less safe, silently wait for the pig to grow fat.

I would appreciate hearing different views, especially from people who are professionally engaged in the biometrics industry.
Password On Media #14
Below are some of the latest media articles about password problems and my comments on them.
- Thumbs Down on a Palm Recognition Experiment
"Biometric authentication seems all the rage now that Apple uses fingerprint ID in its mobile wallet, but the Bitcoin ATM provider RoboCoin has concluded that biometrics can be more of a hassle than a help."
My comment: The issue of “hassle” is probably a very minor problem compared with the false sense of security discussed in the foregoing.
- Turkey halts biometric healthcare registration
“Turkey’s Council of State has ruled that biometric registration of patients must stop as it is unconstitutional.”
- Malware’s new target: your password manager’s password
“Once the malware captures this master key, then they can use that master key to exercise complete control over the machine and any of the user’s online accounts,”
My comment: What has long been anticipated is now happening, just as anticipated. As I have repeatedly emphasized, password managers should be operated in a decentralized formation or should be considered mainly for low-security accounts.
- FBI Most Wanted Hacker Jeremy Hammond Used His Cat's Name for Password
“Hammond said he still isn't sure how federal authorities were able to get into his encryption program and gather evidence that ultimately sent him to prison, however, he said he wonders if his weak password may have been the culprit.”
My comment: This report ironically reconfirmed that sufficiently strong passwords are the key to the safe deployment of cryptography.
- Farmers shut out of online services by new identity scheme
"I can’t remember the exact date that I moved to my current address in 1984! Is this all really necessary???"
My comment: This news may be teaching us the plain lesson that the shared secrets used for identity proofing should be ones that can be shared not just by machines but also by the very human users.
2014/10/20
Password On Media #13
Below are some of the latest media articles about password problems and my comments on them.
- Forgotten Passwords Cost Companies $200,000 a Year
“A recent survey of 2,000 people in the U.S. and the U.K. has found that companies lose over $420 in productivity per employee per year due to workers struggling with passwords -- for a 500-person company, that's a loss of more than $200,000 per year.”
My comment: On top of the damage caused by forgotten passwords we could add the damage done by broken and stolen passwords.
- Passage Replaces Your Passwords With Images
“From the users’ perspective, here is how it works when you end up on a site that uses Passage: you register with your email and then, instead of entering a password (twice), you hold up your image in front of your camera to register it”
My comment: The title of the report first led me to wonder if another pictorial password was being reinvented, but it soon turned out to be possibly an alternative to biometric facial recognition. Pattern matching of the images used in the video may well be much easier than that of faces because there are many more feature points. A snag is that, although the objects to be photographed as images may not be as publicly exposed as our faces, those image objects can be left behind or lost a bit more easily than our faces.
- What the cybersecurity executive order means for authentication
“The focus of the announcement was on the move to EMV and the more secure chip and PIN technology.”
My comment: "Chip & PIN" is no doubt better than "Chip Only" or "PIN Only", but obviously not as good as “Chip & Strongest Password”.

Using a strong password does help a lot, even against the attack of cracking stolen hashed passwords back to the original passwords. The problem is that few of us can firmly remember many such strong passwords. We cannot run as fast and far as horses however strongly we may be urged. We are not built like horses. At the root of the password headache is the cognitive phenomenon called “interference of memory”, by which we cannot firmly remember more than 5 text passwords on average. What worries us is not the password, but the textual password.

Multi-factor authentication is also referred to in the article. Security could certainly be raised by adding a 2nd factor, a 3rd and so on. But the inconveniences thus piled up could in turn drive users away and ruin the whole scheme altogether.
About Expanded Password System "Mnemonic Guard"
http://mneme.blog.eonet.jp/default/files/outline_of_mnemonic_security.pdf