<p>With an ever-increasing cases of online account hacking being reported, it's getting difficult to protect passwords and keep the accounts safe. But worry no more.<br /><br /></p>.<p>A computer scientist has devised what he calls 'geographical passwords' to protect online accounts and keep the hackers at bay.<br /><br />Computer scientist Ziyad Al-Salloum of ZSS-Research in Ras Al Khaimah, UAE, has devised 'geographical passwords' as a simple yet practical approach to access credentials that could provide secure access to different entities.<br /><br />At the same time, it would mitigate many of the vulnerabilities associated with current password-based schemes.<br /><br />The new 'geo' approach exploits our remarkable ability to recall with relative ease a favourite or visited place and to use that place's specific location as the access credentials.<br /><br />The prototype system developed at ZSS-Research is capable of protecting a system against known password threats.<br /><br />"It's much easier to remember a place you have visited than a long, complicated password," argued Al-Salloum.<br /><br />Even strong, but conventional passwords are a security risk in the face of increasingly sophisticated "hacker" tools that can break into servers and apply brute force to reveal passwords.<br /><br />Indeed, over the last few years numerous major corporations and organisations - LinkedIn, Sony, the US government, Evernote, Twitter, Yahoo and many others - have had their systems compromised to different degrees.<br /><br />"Proposing an effective replacement of conventional passwords could reduce 76 percent of data breaches, based on an analysis of more than 47,000 reported security incidents," stressed Al-Salloum.<br /><br />The geographical password system utilises the geographical information derived from a specific memorable location around which the user has logged a drawn boundary - longitude, latitude, altitude, area of the boundary, its perimeter, sides, angles, radius and other features form the geographical password.<br /><br />Once created, the password is then "salted" by adding a string of hidden random characters that are user-specific and the geographical password and the salt "hashed" together.<br /><br />Thus, even if two users pick the same place as their geographical password the behind-the-scenes password settings is unique to them.<br /><br />If the system disallowed two users from picking the same location, this would make it much easier for adversaries to guess passwords.<br /><br />The research was published in the International Journal of Security and Networks.<br /></p>
<p>With an ever-increasing cases of online account hacking being reported, it's getting difficult to protect passwords and keep the accounts safe. But worry no more.<br /><br /></p>.<p>A computer scientist has devised what he calls 'geographical passwords' to protect online accounts and keep the hackers at bay.<br /><br />Computer scientist Ziyad Al-Salloum of ZSS-Research in Ras Al Khaimah, UAE, has devised 'geographical passwords' as a simple yet practical approach to access credentials that could provide secure access to different entities.<br /><br />At the same time, it would mitigate many of the vulnerabilities associated with current password-based schemes.<br /><br />The new 'geo' approach exploits our remarkable ability to recall with relative ease a favourite or visited place and to use that place's specific location as the access credentials.<br /><br />The prototype system developed at ZSS-Research is capable of protecting a system against known password threats.<br /><br />"It's much easier to remember a place you have visited than a long, complicated password," argued Al-Salloum.<br /><br />Even strong, but conventional passwords are a security risk in the face of increasingly sophisticated "hacker" tools that can break into servers and apply brute force to reveal passwords.<br /><br />Indeed, over the last few years numerous major corporations and organisations - LinkedIn, Sony, the US government, Evernote, Twitter, Yahoo and many others - have had their systems compromised to different degrees.<br /><br />"Proposing an effective replacement of conventional passwords could reduce 76 percent of data breaches, based on an analysis of more than 47,000 reported security incidents," stressed Al-Salloum.<br /><br />The geographical password system utilises the geographical information derived from a specific memorable location around which the user has logged a drawn boundary - longitude, latitude, altitude, area of the boundary, its perimeter, sides, angles, radius and other features form the geographical password.<br /><br />Once created, the password is then "salted" by adding a string of hidden random characters that are user-specific and the geographical password and the salt "hashed" together.<br /><br />Thus, even if two users pick the same place as their geographical password the behind-the-scenes password settings is unique to them.<br /><br />If the system disallowed two users from picking the same location, this would make it much easier for adversaries to guess passwords.<br /><br />The research was published in the International Journal of Security and Networks.<br /></p>