Skip to main content

See also:

App prototype may be the end of passwords

This is an example of how Facelock could be implemented in practice.
This is an example of how Facelock could be implemented in practice.Credit: Rob Jenkins Usage Restrictions: None

A newly proposed app that is based on the strengths of human memory has been initially tested and shown to improve password memory and to improve security versus present methods of password recognition. The preliminary study was conducted by Dr. Rob Jenkins of the University of York in the United Kingdom. The study was published in the June 24, 2014, edition of the journal PeerJ.

The basis of the new system is the human ability to recognize faces even in photographs of extremely low quality. Facial recognition has been documented as an extremely reliable human characteristic. The basis for computer security is the almost infinite number of photos of individuals available. The system has been named Facelock.

The user selects a total of nine photos. The photographs can be friends, family, a favorite musician, a historical figure, or any person. The simplicity of the logic is that the user has to remember only one face of the nine. The user enters their password by touching the predefined photo. The durability of the system is inherent in the human mind’s ability to recall faces accurately over time. This structure eliminates the need for more complex passwords as internet thieves become more adept at manipulating software.

The initial tests of the Facelock system show users had a 99.7 percent level of memory of the password photo. Memory declined by nine percent if the user did not use the photographic password for a year. The success rate of a hacker that did not know the user was about one percent. People who knew the user could hack the password about seven percent of the time. Additional security can be provided by using multiple photographs of the same person. This option reduced hacker success to two percent.

The development of the system is still in a prototype phase. The developers expect the photo password security tool to be available as an app within six months to a year. The applicability of the new system to any password protected system is presented as possible by the study results.