User authentication or “who is behind the keyboard” is one member of the “triple-A” or “AAA” trilogy in security:
- Authentication: Who are you?
- Authorization: Are you allowed here?
- Accounting: From where, how and when did you come here?
Many authentication methods and technologies are available. They can be divided into three groups:
- Something you know: a password, a PIN code, a passphrase
- Something you have: a token, a mobile phone, a smartcard
- Something you are: a fingerprint, a retinal print, voice recognition
To achieve a better security level, it’s best to combine two or more of those methods: this is called strong authentication. Example: something you have (a token) and something you know (the associated PIN code).
Nathan Harrington, a programmer at IBM, developed a new method to authenticate users, based on the way they type on their keyboard!
He wrote some Perl code and modified the configuration of a standard GDM (Gnome Display Manager).
The standard login/password pair is still required, but the modified GDM adds a new security layer: you need the right credentials, and the username also has to be typed in the right way! 😉
For more info, check the IBM web site: http://www.ibm.com/developerworks/opensource/library/os-identify/.
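
To make the idea of "typing the username in the right way" concrete, here is an added example (not Harrington's Perl code and not taken from the IBM article) that compares key hold times and gaps between keys against an enrolled profile. The event format, the 40 ms tolerance, the username "alice" and all timings are constructed assumptions.

```python
from statistics import mean

def make_events(text, dwells, flights):
    """Build constructed (key, press_ms, release_ms) events from timing lists."""
    events, t = [], 0
    for i, ch in enumerate(text):
        events.append((ch, t, t + dwells[i]))
        if i < len(flights):
            t += dwells[i] + flights[i]
    return events

def features(events):
    """Dwell = how long each key is held; flight = release to next press."""
    dwell = [release - press for _, press, release in events]
    flight = [events[i + 1][1] - events[i][2] for i in range(len(events) - 1)]
    return dwell + flight

def enroll(samples):
    """Average several typing samples into one per-feature profile."""
    return [mean(col) for col in zip(*(features(s) for s in samples))]

def matches(profile, attempt, username, tolerance_ms=40):
    """Accept only if the text is right AND the rhythm is close to the profile."""
    if "".join(key for key, _, _ in attempt) != username:
        return False
    vec = features(attempt)
    if not vec or len(vec) != len(profile):
        return False
    return mean(abs(a - b) for a, b in zip(vec, profile)) <= tolerance_ms

# Constructed sample timings (milliseconds) for the hypothetical username "alice".
USER = "alice"
PROFILE = enroll([
    make_events(USER, [90, 80, 100, 85, 95], [120, 60, 150, 70]),
    make_events(USER, [100, 90, 110, 95, 105], [130, 70, 160, 80]),
    make_events(USER, [80, 70, 90, 75, 85], [110, 50, 140, 60]),
])
OWNER = make_events(USER, [95, 82, 98, 88, 90], [125, 65, 140, 75])
OTHER = make_events(USER, [60, 60, 60, 60, 60], [250, 250, 250, 250])

if __name__ == "__main__":
    print("owner accepted:", matches(PROFILE, OWNER, USER))
    print("other accepted:", matches(PROFILE, OTHER, USER))
```

The second attempt spells the username correctly but is rejected on rhythm alone, which is the extra layer on top of the login/password check.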