Researchers at Stanford and Northwestern are working with the computer scientists at SRI International to create a method of password authentication that will be as intuitive as riding a bike. Specifically, users play a simple repetitive game that, over time and without their knowledge, stores a unique pattern of keystrokes. Later, the user plays the game again, but this time the game is looking for parts of that pattern; authentication is achieved when the pattern parts are entered.
What’s the Big Idea?
SRI executive Patrick Lincoln says that the method works because of implicit learning: Just like riding a bike, the act of repetition creates a learned skill that is extremely difficult to explain verbally. Passwords “that you know but don’t know you know” would be hard for their owners to access, much less anyone else, and Lincoln says it might even be possible to learn multiple passwords in this manner. Currently the training takes about 40 minutes per password, and system accuracy isn’t the best, but a recent grant from the National Science Foundation will allow the team to continue and improve on their work.