Like Passwords: But Faster, Easier and More Secure
We describe and analyze a variant of the traditional password scheme. This is designed to take advantage of standard error-correcting methods used to facilitate text entry on handsets. We call the new approach fastwords to emphasize their primary regular passwords; the former being. Fastwords are approximately twice as fast to enter on mobile keyboards, and three times as fast on full-size keyboards than regular passwords. This is supported by user studies reported herein. Furthermore, these user studies show that fastwords also have considerably greater entropy than passwords,and that their recall rates are dramatically higher than that of passwords and PINs. The new structure permits a memory jogging technique in which a portion of the fastword is revealed to a user who has forgotten it. We show that this results in boosted recall rates, while maintaining a security above that of traditional passwords. We also introduce the notion of equivalence classes—whether based on semantics or pronunciation—and describe uses, including voice-based authentication. The new technology does not need any client-side modification.
Unable to display preview. Download preview PDF.