Just Type And I’ll Tell You Who You Are!

User authentication or “who is behind the keyboard” is one member of the “triple-A” or “AAA” trilogy in security:

  • Authentication : Who are you?
  • Authorization : Are you allowed here?
  • Accounting : From where, how and when did you come here?

Regarding the authentication, there are a lot of methods/technologies available. They can be divided in three groups:

  • Something you know: a password, a PIN code, a passphrase
  • Something you have: a token, a mobile phone, a smartcard
  • Something you are: a fingerprint, a retinal print, voice recognition

To achieve better security level, it’s best to combine two or more of those methods: we speak of strong authentication. Example: something you have (a token) and something you know (the associated PIN code).

Nathan Harrington, a Programmer @ IBM, developed a new method to authenticated users: based on the way they type on their keyboard!
Intra-key release timings for \"nathan\"
He wrote some piece of Perl code and modified the configuration of a standard GDM (Gnome Display Manager).

In fact, the standard login/password pair is still required but the modified GDM adds a new security layer: you need the rights credentials but the username has to be typed in the right way! 😉

For more info, check the IBM web site: http://www.ibm.com/developerworks/opensource/library/os-identify/.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.