The Future Of Computer Security Could Lie Inside Your Head

Let Me Do That Fo You

Guest Blog: Security

Virtual Assistant Brighton

Outsourced Business Services

Imagine this: someone’s pulling your fingernails out one by one in an effort to make you reveal your password. At this stage in the proceedings you’d love to spill the beans, to be frank, but you can’t.  Because the information is stored in an inaccessible area of your brain, you’re completely unable to express it, verbally or in writing.

Now that’s what I call secure.

Science fiction? Funnily enough it’ll soon be fact, if a team of massive-brained researchers at Stanford University in California have anything to do with it.

Hristo Bojinov and colleagues have taught volunteers passwords that they can use but can’t remember, using a spooky combination of cryptography and neuroscience. It’s all about implicit learning and it could eventually change the face of electronic security forever.

The magic of implicit learning

Implicit learning, in a nutshell, means unconsciously learning a pattern. Initial results suggest the phenomenon could form the basis of a super-safe security system. Apparently users can ‘learn’ a unique sequence of letters and/or numbers in just one session, but can’t for the life of them recite it back or write it down.

The phenomenon occurs all the time in everyday life. Say you hear a new word. You find yourself using it correctly straight away, without having to consciously puzzle over the rules behind the grammar you’re using. Bingo – you’ve learned all the complexities behind the word’s use, context and meaning implicitly.

Just how safe is an implicitly-learned password?

You could try to identify someone’s password by forcing them to play the same kind of game used to teach them the password in the first place. But because the password sequences are made up of thirty key presses in six varying positions, it’d be a mighty slow process. The researchers reckon testing 100 users non-stop for a year would deliver less than a 1 in 60,000 chance of hitting the jackpot, which is reassuringly unlikely.

When and where might we see implicit learning used for electronic security?

It’s a way off yet. At the moment the system isn’t user-friendly enough. And there’s a snag: security could still be compromised if a hacker got into a user authentication area. The researchers predict it’ll probably be best used in high-risk scenarios, for example access systems for military facilities.

As for the longer term, who knows? One day you might just find yourself the proud owner of a password so secure you don’t even know it yourself. In the meantime, Bojinov will present his team’s findings at the USENIX Security Symposium in Washington DC on August 8th.

If you are in need of more small business help and advice, you’ll find loads here, and even more here!

Written by

Comments are closed.