Passwords May Become Things of the Past
There are two problems with a password. The first is that you can forget it. The second is that you know it and someone else can get you to cough it up. As any hacker knows, people are usually the weakest link in any security system. We're trusting, gullible, and, if trickery fails, there's always blackmail or violence—the term for this sort of coercive code-cracking is rubber hose cryptanalysis.
But what if you weren't able to tell someone else your password, even if you really wanted to? What if it was a secret even to you? No amount of the rubber hose treatment would be able to extract it. It sounds like an impossibility, but in a paper that will be presented at this week's USENIX Security Symposium, a team of computer scientists and neuroscientists working together have created just such a password.
Hide Comments (0)
Editor's Note: As of February 29, 2024, commenting privileges on reason.com posts are limited to Reason Plus subscribers. Past commenters are grandfathered in for a temporary period. Subscribe here to preserve your ability to comment. Your Reason Plus subscription also gives you an ad-free version of reason.com, along with full access to the digital edition and archives of Reason magazine. We request that comments be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of reason.com or Reason Foundation. We reserve the right to delete any comment and ban commenters for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.
Please
to post commentsMute this user?
Ban this user?
Un-ban this user?
Nuke this user?
Un-nuke this user?
Flag this comment?
Un-flag this comment?