Live Science Plus
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Delivered Daily
Daily Newsletter
Sign up for the latest discoveries, groundbreaking research and fascinating breakthroughs that impact you and the wider world direct to your inbox.
Once a week
Life's Little Mysteries
Feed your curiosity with an exclusive mystery every week, solved with science and delivered direct to your inbox before it's seen anywhere else.
Once a week
How It Works
Sign up to our free science & technology newsletter for your weekly fix of fascinating articles, quick quizzes, amazing images, and more
Delivered daily
Space.com Newsletter
Breaking space news, the latest updates on rocket launches, skywatching events and more!
Once a month
Watch This Space
Sign up to our monthly entertainment newsletter to keep up with all our coverage of the latest sci-fi and space movies, tv shows, games and books.
Once a week
Night Sky This Week
Discover this week's must-see night sky events, moon phases, and stunning astrophotos. Sign up for our skywatching newsletter and explore the universe with us!
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
NEW YORK -- Between super powered hacker computers and keystroke recording malware, traditional passwords may no longer be secure enough. To overcome these problems, computer scientist Bill Cheswick has devised a new method for logging into secure areas: clicking on a map.
Speaking at the New York Institute of Technology Cyber Security Conference this past Wednesday, Cheswick described how users could memorize the exact spot on a satellite photo, with the longitude and latitude serving as the access code. By zooming down through the map to the high level of resolution, users can graphically produce a nearly unbreakable password that neither people nor viruses could track.
“The key idea is that you have a data set with very deep data, and you have to drill down. You could drill down on a map of anything. Probably better if it’s a map of someplace you’ve never been, so you’re not tempted to pick your childhood home,” said Cheswick, a scientists at AT&T research. “You could have a 10 digit latitude, and a 10 digit longitude, then you have a 20 digit password.”
Computer security protocols that involve clicking on a picture instead of typing a password have existed for 15 years. While clicking on a photo does defeat hacking programs that use dictionaries to break passwords, specially designed programs have evolved over the last decade that track mouse location specifically to break picture-based passwords.
By using a map with zoom, this new method renders those mouse-tracking programs useless. Sure, the virus will know where the mouse clicks, but unless it knows what map the user is looking at, and how deeply zoomed in they are, the hacking program can’t record the longitude and latitude that serve as the password.
To date, Cheswick has not done any usability studies on this technique, so he’s unsure whether or not it is easy enough for use by the general public. However, with threat of password cracking hackers increasing by the day, convenience of use may have to take a back seat to security.
