Faces replace passwords
A security firm is desperately hoping computer users will never forget a face with a new authentication system that aims to replace passwords.
Passfaces works like a virtual identity parade. Each user is assigned three random faces, which they must commit to memory during a training process. Then, every time they attempt to log in, they’re presented with a series of 3×3 grids containing their “passface” and eight decoy images. The user must correctly identify each of their three chosen faces to gain entry to the system.
Every time the user logs in they will see the same passface and eight decoy images, but the grid is jumbled to ensure that snoopers can’t simply note the square being selected.
The company claims that it’s far easier for humans to recollect faces than passwords. “We know a familiar face within 20 milliseconds,” claims Shaun Frome, managing director of ACAL, the UK distributor for Passfaces. “We’re essentially putting a cookie in your brain.”
PC Pro tested those claims by putting eight members of our team through the three-minute training site, and then asking them to revisit the site a day later to see if they remembered their allocated faces. The PC Pro team had a 100% success rate. “We’ve had people come back a year later and remember the faces,” says Passfaces’ vice president of product development, Andrew Ryan.
Passfaces hopes online banks, internet retailers and local government will adopt the system, and the company plans to make a PC version of the software available for individual users.
You can take the online trial at www.passfaces.com. Let us know how you get on and what you think of they system by clicking Comments below.