Computer scientist Ziyad Al-Salloum of ZSS-Research in Ras Al Khaimah, UAE, has developed ‘geographical passwords’ for securing online data. The new ‘geo’ approach, uses users’ ability to recall a favourite or visited place with relative ease, and then use that place’s specific location as the access credentials.
The prototype system is developed by ZSS-Research to protect a system against known password threats. The developer says that conventional passwords are a security risk in the face of increasingly sophisticated “hacker” tools that can break into servers and apply brute force methods to reveal passwords.
“It’s much easier to remember a place you have visited than a long, complicated password,” argued Al-Salloum.
The geographical password system utilizes geographical information from a specific memorable location around which the user has logged a drawn boundary – longitude, latitude, altitude and other features form the geographical password. It could be your favorite holiday destination, your local park or any other geographical feature.
Once created, the password is then “salted” by adding a string of hidden random characters that are user-specific and then the geographical password is “hashed” together with the salted password. The system works even if any two users picked the same place as their geographical password since the behind-the-scenes password settings would still be unique to them.
“Proposing an effective replacement of conventional passwords could reduce 76% of data breaches, based on an analysis of more than 47,000 reported security incidents,” Al-Salloum wrote, according to eScience News.
Over the last few years numerous major corporations and organizations have been targeted by hackers. Recently Snapchat, LinkedIn, Microsoft, Twitter, Yahoo and others – have had their systems compromised to different degrees in spite of advanced security systems.
Source: ET