iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > Scientists Studying Ways To Make Computer Passwords More Secure
Search:
[ insider_reports_insider ]

Scientists Studying Ways To Make Computer Passwords More Secure



Mike Sachoff
Staff Writer
2009-11-12

SecurityProNews: Insider Reports Insider Reports RSS Feed


Computer scientists at Rutgers University are working on ways to make online passwords more secure.

Scientists Studying Ways To Make Computer Passwords More Secure
Scientists Studying Ways To Make Computer Passwords More Secure

The scientist say when users forget their password for accessing their email account or an online shopping site the security questions, such as "what is your mothers maiden name?" are too easy for cybercriminals to guess.

Rutgers computer scientists are testing a new tactic that could be both easier and more secure.

"We call them activity-based personal questions," said Danfeng Yao, assistant professor of computer science in the Rutgers School of Arts and Sciences. "Sites could ask you, 'When was the last time you sent an e-mail?' Or, 'What did you do yesterday at noon?'"

Early studies suggest that questions about recent activities are easy for legitimate users to answer but harder for potential attackers to find or guess.

"We want the question to be dynamic," she said. "The questions you get today will be different from the ones you would get tomorrow."

Yao said she gave students in her lab a list of questions related to network activities, physical activities and opinion questions, and told them to "attack" each other.

"We found that questions related to time are more robust than others. Many guessed the answer to the question, 'Who was the last person you sent e-mail to?' But fewer were able to guess, 'What time did you send your last e-mail?'"

Yao says that it should not be difficult for an online service provider to formulate these kinds of security questions by looking at its users' e-mail, calendar activities or previous transactions. Computers would have to use natural language processing tools to synthesize understandable questions and analyze the answers for accuracy.

Yao is proposing further studies to determine the practicality of the new approach and the best way to implement it.

View All Articles by Mike Sachoff




About the Author:
Mike is a staff writer for WebProNews. Visit WebProNews for the latest ebusiness news.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - 1998-2009 All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds