This paper presents a new authentication system that reads in a rhythmic beat as input, analyzes it, and if successful will authenticate the user. It uses a binary sensor (one input at a time) to collect the password. In the study of the software TapSongs, successful logins returned an 83.2% rate while false positives returned a 10.7% rate. The claim of the paper is that this type of login is just as good as text based authentication.
When I first read this paper I was positive that this software would not be able to stand up to any sort of false positive test. I assumed that tapping would be clearly audible to surrounding people and I knew that beats are easily remembered. By looking at their statistics I can conclude that this is not necessarily the case. Many people are not musically adept and would have trouble even recognizing a beat. However, if they remember the beat, it seems easier to "hack" into a piece of hardware if they had time to do multiple attempts. I would suggest a mixture of the text based authentication with the beat system because most people have a certain "beat" while they type in their passwords and this would surely increase both methods of authentication.
No comments:
Post a Comment