CAPTCHAs With Chaos: Strong Protection for Weak Passwords

The passwords of the future could become more secure and, at the same time, simpler to use.

Researchers at the Max Planck Institute for the Physics of Complex Systems in Dresden have been inspired by the physics of critical phenomena in their attempts to significantly improve password protection. The researchers split a password into two sections. With the first, easy-to-memorize section they encrypt a CAPTCHA (“completely automated public Turing test to tell computers and humans apart”) — an image that computer programs per se have difficulty in deciphering.

The researchers also make it more difficult for computers, whose task it is to automatically crack passwords, to read the passwords without authorization. They use images of a simulated physical system, which they additionally make unrecognizable with a chaotic process. These p-CAPTCHAs enable the Dresden physicists to achieve a high level of password protection, even though the user need only remember a weak password.

Computers sometimes use brute force. Hacking programs use so-called brute-force attacks to try out all possible character combinations to guess passwords. CAPTCHAs are therefore intended as an additional safeguard the input of which originates from a human being and not from a machine. They pose a task for the user which is simple enough for any human, yet very difficult for a program. Users must enter a distorted text which is displayed on the screen, for example. CAPTCHAs are increasingly being bypassed, however. Personal data of members of the “SchülerVZ” social network for school pupils have already been stolen in this way. Continue reading…

Related Posts

Amazon app store for Android welcomes DRM Molly de Blanc: In 2007, Amazon announced their music store. It would, they promised, deliver DRM-free music to U.S. Amazon users. And they did just ...
Benefits of the MeeGo Software Platform The MeeGo open source project is unique in that it offers benefits to everyone in the ecosystem starting from the developer all the way up to the oper...
Does disk encryption really protect your data from unauthorized access? Disk encryption is one of several physical security measures that could be used to protect data on your computer from unauthorized physical access. An...
No, iPhone location tracking isn’t harmless and here’s why It didn’t take long for the blogosphere to respond to research presented on Wednesday that detailed a file in Apple iPhones and iPads unknown to the v...
Game Changing Study Puts Piracy in Perspective To counter the many one-sided piracy studies that have been released by the entertainment industry in recent history, a group of dozens of academics h...
The FBI and Service Provider Wiretapping, or What’s In Your Wallet? The FBI’s apparent desire to require all communications service providers to design a means for law enforcement to access encrypted communications i...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


Leave a Comment

Your email address will not be published. Required fields are marked *

*