Over the last few months, at least in the streams of information I typically consume, several sources have commented on passwords, their strength, and the need for better passwords. Directly: Security Now’s topic of Password Haystacks, xkcd’s comic, and Coding Horror; indirectly: Scott Hanselman, one and two.
In this post I am putting forward a novel approach which, as an homage to GRC’s Perfect Paper Passwords, I have accordingly titled:
Let’s jump right in with a sample: here I’ve mocked up the very familiar Facebook interface with a nice large textbox to put in your Perfect Password Paragraphs™.
Disclaimer: if you’ve gotten this far and haven’t begun to appreciate the humour I’m so sorry, please don’t send me hate mail.
Features:
- A big text area where, with probable difficulty, you have to type 100+ words to authenticate.
- Typographical errors are ok as long as they are consistent for you.
- A flow of sentences following a theme/style just needs to sound like the individual attempting to gain access.
- “Sound Like”, a trademark (patent indefinitely pending) of Josevski Research Corp, is the flux-capacitor-grade specialty of this authentication system.
Comparison metrics:
- Writing style
- Choice of punctuation, frequency of commas, periods, etc.
- Grammar choice.
- Spelling (American vs British English).
- Consistency of spelling errors.
- Choice of tense (present, past, and future)
Future Features based on demand:
- International support.
- 1337 sp34k.
- Baby talk.
- Obscure localised slang.
- Pig Latin.
- iOS, Windows Phone 7 and Android Support.
Alpha product coming online in 6-8 weeks 😉