SECURITY

Password Analysis Measures Typing Speed and Rhythm

Rebecca Kutzer-Rice | Date: 05-27-11 | Comments

• 20
• PrintPDF
• Filed Under: Security




• Researchers have created a key-pattern analysis program that measures the speed and rhythm at which a password is typed. These biometrically based passwords are more secure than traditional passwords and could help prevent hacking attacks on both companies and individuals.

• With the rise of phishing attacks and keystroke logging, it's clear that even the most complicated and frequently updated password is not totally secure. A new approach from researchers at American University of Beirut analyzes more than just the characters of passwords—it also verifies the speed and rhythm at which they are typed.

  Key-pattern analysis (KPA)—the examination of typing beat and speed—can also measure the force with which a user taps keys. This type of analysis creates a biometric profile of the user. Even if the right numbers, letters and symbols are entered, if the biometric profile does not match, the password will fail.

  Key-pattern analysis could give rise to a new generation of passwords.
  

  KPA usually requires specially modified keyboards. In their study, the researchers, including Ravel Jabbour, Wes Masri and Ali El-Hajj, avoided modified keyboards, which are inconvenient for users to obtain and install. They also identified other problems with traditional KPA. Typically, for example, analysis focuses on inter-timing, the pause between pressing each key. Researchers found that this measurement was not accurate enough to identify legitimate users.

  The new KPA program measures intra-timing, how long each key is pressed. This measurement is more robust than inter-timing, and it more accurately distinguishes legitimate from illegitimate users. Using a standard keyboard, the program gathers information about a user from electrical signals in the keys.

  When a user types in the password, the program compares its typing pattern with a pre-stored pattern created by the user during initial setup. The KPA algorithm looks at both inter- and intra-timing to confirm a user's identity.

  As with traditional passwords, a longer password is better for KPA security, since it produces a more complex typing pattern than shorter combinations. Typing patterns for longer passwords, however, could be more difficult for a user to reproduce.

  For group accounts and company teams, the KPA program can create multiple profiles for the same password to ensure the ability to share securely. 

  Better KPA programs like this could mean the rise of a new generation of biometrically based passwords—translating to more secure personal and company accounts.

   

IBM Resources

• Protecting against cyberthreats in the modernbusiness infrastructure
• Managing Threats in the Digital Age Whitepaper
• IBM solutions for cybersecurity: Solutions for mitigating threats in the government sector
• 2011 IBM X-Force Mid-Year Trend and Risk Report

Most Read

• Tablets, Smartphones Obsolete PowerPoint
• Top 10 Innovations of 2012
• Cloud Desktop Boosts Small Business
• Quantum Computing Almost Here
• Recent Reports Examine Smartphone Shopping Behaviors
• SMB BI Adoption Grows, Shifts to Cloud
• Tool Educates SMBs on the Cloud
• Facebook Gaming in Decline
• Meeting the Increasing Demand for Remote Internships

Trending

• Robots Construct Reconfigurable Buildings
• Cloud Desktop Boosts Small Business
• Nintendo Wii Diagnoses Eye Malady
• Smart Cities Win Awards
• Shipboard Humanoid Robot to Aid Navy
• Facebook Gaming in Decline
• Motion Control Vaults Augmented Reality
• Success Depends on Phrasing
• How Big Data is Becoming Big Business for the Travel Industry

RELATED CONTENT

• When Online Attacks Are Beneficial
• Moving Closer to a One-Person, One-Password World?
• Denying Harm: New Defense Method Deflects DoS Collateral Damage
• Stronger Authentication Measures on Tap to Battle Fraud
• Emerging Cyber-threats Predicted for 2011
• Game Theory Improves Detection of Security Breaches
• Internet Security Showing Progress

View the IBM Smarter Analytics Leadership Summit

Videos

TWITTER FEED

• 16 minutes agoIBM #SmartCloudEnterprise webcast on June 14 at 11AM (CEST), offering in 5 languages >> Register here http://t.co/IQMx8VJ1 [link in German]
  
• about 1 hour agoRT @CloudSlam IBM #Cloud VP Michael McCarthy to Keynote #CloudSlam 2012 - May 31 at 13.00pm http://t.co/rj1IOZSQ #CloudComputing
  
• about 2 hours agoBaran ErdoÄŸan of @IBMTurk will address @IDC's #Cloud Computing and Datacenter Roadshow 2012 on May 24 Istanbul, Turkey http://t.co/JeiJvhyL
  
• about 3 hours agoTry out the IBM #PureSystems Cloud trial - 90 days no charge >> http://t.co/OhMc5qKv #ibmcloud
  
• about 4 hours ago#CloudForum 2012: “Spring Editionâ€� on May 24 @ Utrecht, Netherlands. Don’t miss keynote of #IBM's Fiona Cullen http://t.co/yKHRMhTw [Dutch]
  
• about 5 hours agoBlog Post: #Cloud industrializes #ERP with IBM Lifecycle as a Service (LCaaS) for SAP Solution http://t.co/w0GoaY6z #thoughtsoncloud
  
• about 5 hours agoGood Morning Europe!
  
• about 5 hours agoThat is it from Asia-Pacific! Over to #Europe!
  
• about 5 hours agoIBM Impact 2012 in June at multiple cities in #India >> Mumbai, Bangalore & Delhi. Details: http://t.co/rjnqO137 #IBMImpact
  
• about 7 hours agoCustomWare & Australia-based GLiNTECH collaborates to deliver IBM Cast Iron #cloud integration services http://t.co/Q2tEhdQN #ibmcloud
  
< PrevNext >

JOIN US

Like us on Facebook Follow us on Twitter Get the Smarter Tech Newsletter Register to view the archived "Data Center Optimization Techniques: Stop Wasting Time & Money" eSeminar Register Now >

Connect with the The Future of IT Architecture blog