For my final project in ART307 (this project will span the rest of this semester), I will be designing an experience around the concept that passwords are broken, and that we need a new way to authenticate and authorize individuals. The XKCD comic below outlines it perfectly:
What I envision is a system for user authentication that recognizes who you are, where you are, and, more importantly, when you are not there, or when it is no longer you sitting in front of the screen. Imagine having this level of integration and seamlessness with your computer, or any interface-able device, all achieved and secured with very little effort on the part of the user (certainly without you having to memorize any long strings of random numbers!). I imagine an authentication system that is both completely effortless for the user (imagine blinking your eyes and instantly being logged into your favorite accounts, password manager, etc.), while still remaining extremely secure.
Here is the research that I have found so far:
- The Atlantic – The Password Fallacy: Why Our Security System Is Broken, and How to Fix It
- DARPA Research – Active Authentication
- Ars Technica – How Crackers Make Minced Meat Out of Your Passwords
- Medium – Passwords Are Broken, a Temporary Fix
- Time Magazine – The Username/Password System Is Broken: Here Are Some Ideas for Fixing It
Last but not least, if you are interested in the validity of the above XKCD comic strip, you should definitely check out xato.net’s Analysis of the XKCD Passphrase Comic.