Commentary

CAPTCHAs With Chaos: Strong Protection for Weak Passwords

The passwords of the future could become more secure and, at the same time, simpler to use.

Researchers at the Max Planck Institute for the Physics of Complex Systems in Dresden have been inspired by the physics of critical phenomena in their attempts to significantly improve password protection. The researchers split a password into two sections. With the first, easy-to-memorize section they encrypt a CAPTCHA (“completely automated public Turing test to tell computers and humans apart”) — an image that computer programs per se have difficulty in deciphering.

The researchers also make it more difficult for computers, whose task it is to automatically crack passwords, to read the passwords without authorization. They use images of a simulated physical system, which they additionally make unrecognizable with a chaotic process. These p-CAPTCHAs enable the Dresden physicists to achieve a high level of password protection, even though the user need only remember a weak password.

Computers sometimes use brute force. Hacking programs use so-called brute-force attacks to try out all possible character combinations to guess passwords. CAPTCHAs are therefore intended as an additional safeguard the input of which originates from a human being and not from a machine. They pose a task for the user which is simple enough for any human, yet very difficult for a program. Users must enter a distorted text which is displayed on the screen, for example. CAPTCHAs are increasingly being bypassed, however. Personal data of members of the “SchülerVZ” social network for school pupils have already been stolen in this way. Continue reading…

Related Posts

Some File-Sharers Leave Trails To Their Front Door Following the publication of a paper which investigates how using the same username across multiple web sites may expose Internet users to scammers, T...
Neuroprivilogy: The New Frontier of Cyber Crime The first step of this discussion is defining a fancy term to help educate and describe this new phenomenon: Neuroprivilogy. As the name suggests Ne...
The Open Source trials: hanging in the legal balance of copyright and copyleft For those meddling in open source software affairs, compliance with licenses is a very hot topic. In the last 2 years we have witnessed the licensing ...
He can steal your smart phone’s and tablet’s encryption keys If you think that the encryption keys that your smart phone or tablet computer uses to protect data you want to keep others from accessing is secure, ...
Open source software fundamental to success in the mobile and consumer electronics markets By Ari Rauch, Linaro board member: Today more than ever before, our industry views open source software (OSS) as fundamental to success in the mobile ...
Search leakage is not FUD Lately I've been accused by some of spreading fear, uncertainty and doubt (FUD) by trying to let people know their search terms are being leaked to th...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


Leave a Comment

Your email address will not be published. Required fields are marked *

*