“photographic memory” or a “memory of photographs”

Last week, as part of a discussion thread that I was following on the Identity Gang, someone pointed out Passfaces.

I feel like I have had my head in a bucket as this technology is not something I have come across before. I think the idea behind it is very interesting and potentially very useful. As well as the extra level of authentication (although arguably not much extra) you also get the added anti-phishing protection.

It is common knowledge that the brain can remember images better than anything else. If you have ever done any memory management training courses, you will testify to this.

Technorati Tags: , , , ,


2 thoughts on ““photographic memory” or a “memory of photographs”

  1. Hello Paul,

    I have to disagree with your comment “(although arguably not much extra)” regarding Passfaces level of authentication.

    Behind each face is a hexidecimal ASCII code. 3-7 faces can be assigned so that a simple password can be used augmented by the 24-56 number code, which is recognized by a computer or web server, as the human user sees between 3-7 faces as their assigned Passfaces code.

    Passfaces provides strong, two-factor authentication, without the need, expense, or the loss or theft possibility when using tokens.

    Passfaces cannot be shared written down or copied, and provides bi-directional authentication, providing protection against spoofing . Passfaces is also impervious to screen scraping

    Simple passwords can be used, and changed every 30 to 90 days as required by some laws and the assigned Passfaces code can remain unchanged.

    As a reseller of Passfaces as well as other compliance and secure solutions, I find it to be an extremely cost-effective, workable authentication solution.

    Best Regards,
    Tim Ward

  2. You should also check out Tricerion (www.tricerion.com) . . . (a bit of self-promotion here, since I work for them). This is a similar mutual authentication system, but uses either images or alphanumerics. The clicks on the keypad transmit not the value, but the unique location of each button, as the arrangement gets shuffled every time the keypad is presented, making it an OTP system.

    The alphanumeric keypad gives the advantage of instant migration from current text passwords to a mutual authentication platform.

    The image-based passwords are nice because you can create highly relevant images (depending on your user base) where you can have categories of various objects (sports, universities, cars, etc.) with an anti-phishing protection.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.