passwords & corresponding accounts

4
Passwords & Corresponding Accounts Being able to recall strong passwords is one thing. Being able to recall the relations between accounts and the corresponding passwords is another. We are often obliged to - reuse the same passwords across many accounts - carry a memo with passwords and the corresponding accounts on it - depend excessively on a password manager with a single point of failure however strongly we are told not to.

Upload: hitoshi-kokumai

Post on 23-Jul-2015

188 views

Category:

Technology


0 download

TRANSCRIPT

Page 1: Passwords & corresponding accounts

Passwords & Corresponding Accounts

Being able to recall strong passwords is one thing. Being able to recall the

relations between accounts and the corresponding passwords is another.

↓We are often obliged to

- reuse the same passwords across many accounts

- carry a memo with passwords and the corresponding accounts on it

- depend excessively on a password manager with a single point of failure

however strongly we are told not to.

Page 2: Passwords & corresponding accounts

Biometric products do not help for this problem because biometric solutions require a password to be registered in case of false rejection.

No Help fromPassword-Dependent Solutions

Neither do the multi-factor authentications which require a password as one of the factors.

Page 3: Passwords & corresponding accounts

Expanded Password System that accepts images provides a solution to this hard problem. When unique matrices of images are allocated to different accounts with the EPS, those unique matrices of images will be telling you what images you could pick up as your passwords.

Here is The Solution

The EPS will free us from the burden of managing the relations between accounts and the corresponding passwords.

Account A Account B Account C Account D

Account E, F, G, H, I, J, K, L-----------

Page 4: Passwords & corresponding accounts

At the root of the password headache is the cognitive phenomena called “interference of memory”, by which we cannot firmly remember more than 5 text passwords on average. What worries us is not the password, but the textual password. The textual memory is only a small part of what we remember.

We could think of making use of the larger part of our memory that is less subject to interference of memory. More attention could be paid to the efforts of expanding the password system to include images, particularly KNOWN images, in addition to characters.

The outline of Expanded Password System is available at http://www.slideshare.net/HitoshiKokumai/expanded-password-system

Interference of Memory

19 April, 2015

Mnemonic Security, Inc. Japan/UK