Microsoft's new "security" idea

[BrainStop]

Microsoft is working on a new password scheme, based on images:

The Register: Picture this: image-based passwords

Now ... would this really offer more secure passwords, or would people still write down the combination on a yellow Post-It stuck on their monitor?

Cheers,

BrainStop

[Rewandythal]

Hmm, interesting, but I'd still rather have a 17-char mixed case with numbers & symbols text password, than clicking 4 or 5 images.

[gstudios]

I would much rather type my password than click "Tux" (twice) "O'reilly Linux book" (once) "Pam Anderson" (once) "Tom Green" (once) "Bill Gates" (once) -

Also where are these pictures located, and how many other pictures are mixed in with them?

I agree that pictures are much easier to remember than ttp45pwd500 or whatever.
MS is probably suggesting this new scheme of security, because they are targetting consumers are barely computer literate.

[Rewandythal]

Agreed, gstudios.
I could actually remember a text password easier than a picture sequence, since I download hundreds of wallpapers, logos etc. a day, I'd never remember one from the other.

[RiOtEr]

it woujld just become habit though think about it would u rember 123jhf432 of by heart if u didnt use it everyday i think its a shitty idea but worth a think

[hot_ice]

But if people wanted to break into it, it would still be possible. I mean you can create scripts that would pick one user ID and then just run until they got the right combination of pictures clicked. I don't see how it could be more secure then a very good text-based password, such as 'du3Pg90dZs6a' or something. I understand that 'du3Pg90dZs6a' might be hard to remember, but when you enter it all the time, it would become second nature.

Mind you, I haven't seen this new security idea 'in action', so it could be more advanced, but that's what I gathered from reading that link.

Greg

[Mankan]

I don't think the issue is wether these picture thingies are more secure, but rather that they are easier to remember so that people might stop using passwords like "Emma" or "tomgreen".

[[WebCarnage]]

I don't think this password scheme will be taken to seriously over the next few years. Brute forcing will still be possible, and this is just an 'easier' way of punching in a password. Whoever is familiar with BF'ing, then you should know that

i23ot9u2oijw0982ijt

Will take about forever to get with just one PC, while on the other hand, clicking an image one or two times in sequence isn't so hard. Only if the number of clicks increases, but obviously few people will select one picture and one click.

This is just a lazy-people's way of entering a secure website. I only hope that this isn't something like:

• Click number one on 56k
• Wait for page to refresh
• Click number two
• wait for page to refresh
• etc.etc.

....man.

[jcmcb]

Something about this idea doesn't sit right with me... Are these picts stored on a website or in a locally based program? Is the passowrd the location clicked, and the picts are just a cute way to indicate position? This sounds like a keypad with pictures instead of alpha-numerics....but I could be totally off on this one...

[cwk9]

I can't see this catching on.