Re: Password hacker killer

by calin (Deacon)
in reply to Password hacker killer

You can challenge the user with a so-called Reverse Turing Test. It's basically a low quality and partially scrambled rendering of a random text or number (to prevent OCRing) that the user must interpret and submit back before being allowed to continue with the log-in procedure. See this paper for more info.

by merlyn (Sage) on Sep 07, 2003 at 17:29 UTC

      What about challenging them with simple pseudo riddles? Although not perfect, it could work. With enough variation in the questions and the format you could make it difficult.

      Please enter the answer to the following question: (number of days in a year) + (the hours in a day) + (the number of wise men)

      People friendly, computer not. At least it would stimulate growth in NLP and common sense bots :)

      Eric Hodges
        That suggestion is very culture dependent. I think I know the answer to your question:
        hmm... or is it 365+12+3?
        or 365+24+3 or...

        You get the idea?

        It gets worse if you use questions that you are 'certain' the user knows the answer to.
        E.g., how many players on a football team?
        Answer: 7, 11 or whatever is the normal number in your context.

      WOW! Thanks for the heads up, that could have bitten me in the butt hard... I had considered that for a system I am working on, guess that one goes off the drawing board now :) Just goes to show, no matter how much you think out a solution, there is always something lurking around the corner that you just don't expect.

