Saturday, September 7, 2013

Windows 8 Picture Passwords CrackABLE

The "picture passwords" used in Windows 8 machines are more vulnerable than Microsoft hoped, a research team claims. An analysis of more than 10,000 picture passwords found that a significant percentage could be cracked - due to the predictable "points of interest" that users chose. The "gesture" passwords allow users to pick points in an image, instead of using a text-based password. People tend to choose faces, colourful points and eyeglasses, so it's often possible to "guess" such passwords, the team from Arizona State University and Delaware State University said. The team developed algorithms which could crack picture passwords with a high success rate. In a paper presented at the Usenix Conference, "On the Security of Picture Gesture Authentication," the reseearchers, computer science doctoral student Ziming Zhao and computer science master's degree student Jeong-Jin Seo, along with Hongxin Hu, now an assistant professor of at Delaware State University, found that people's choice of "gesture" password tended to follow patterns. <more>

No comments: