US20040162999A1 - Method for improved password entry - Google Patents
Method for improved password entry Download PDFInfo
- Publication number
- US20040162999A1 US20040162999A1 US10/727,428 US72742803A US2004162999A1 US 20040162999 A1 US20040162999 A1 US 20040162999A1 US 72742803 A US72742803 A US 72742803A US 2004162999 A1 US2004162999 A1 US 2004162999A1
- Authority
- US
- United States
- Prior art keywords
- password
- entry
- inter
- unique identifier
- keystroke
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
Definitions
- the present invention relates generally to the entry of passwords, codes or identification numbers into data processing systems, Automated Teller Machines (ATMs), locks, or other security or access control type devices. More particularly, the invention relates to the checking of the rhythm and tempo used for entry of the password, code or identification number.
- ATMs Automated Teller Machines
- U.S. Pat. No. 4,621,334 discloses a personal identification apparatus in which a mean time between keystrokes is used to determine whether a person attempting to gain access is the person who should be granted access to the system.
- U.S. Pat. No. 4,805,222 discloses a method of verifying a person's identity by measuring the average inter-character time between successive pairs of keystrokes and comparing this with a pre-stored sample.
- U.S. Pat. No. 5,557,686 discloses a user verification system in which vectors are constructed from user inputted samples and a neural network is used to determine whether the user inputted samples are similar to a sample entered for user verification.
- U.S. Pat. No. 5,721,765 discloses a security system in which digits of an identification number are separated into two or more groups that must be entered with a predetermined time delay between each of the two or more groups.
- U.S. Pat. No. 6,151,593 discloses a neural network which compares a timing vector extracted from the keystrokes a user has typed in with a training set to authenticate the identity of the user.
- the invention provides a method of authenticating a user where the method comprises: providing a user unique identifier, the unique identifier comprising both a sequence of keystrokes and the inter-keystroke intervals associated with provision of those keystrokes; comparing the unique identifier provided by the user with a reference unique identifier by: comparing the absolute inter-keystroke intervals of the unique identifier with the absolute inter-keystroke intervals of the reference unique identifier and returning a true indication if the absolute inter-keystroke interval of the unique identifier is within a predetermined tolerance of the absolute inter-keystroke interval of the reference identifier; comparing the relative inter-keystroke intervals of the unique identifier with the relative inter-keystroke intervals of the reference unique identifier and returning a true indication if the relative inter-keystroke interval of the unique identifier is within a predetermined tolerance of the relative inter-keystroke interval of the reference identifier; authenticating said user if both said absolute comparison step and said relative comparison step return a true
- the invention has the advantage that both the absolute inter-keystroke interval and the relative inter-keystroke interval are compared and if the two comparisons are sufficiently close, that is, within a predetermined tolerance, then the comparison is true. In this way a user can add a rhythm and a tempo to the way in which they enter the unique identifier.
- the relative inter-keystroke intervals are the ratio of the inter-keystroke intervals and the inter-keystroke interval between entry of the first of said sequence of keystrokes and the second of said sequence of keystrokes.
- the use of the relative inter-keystroke intervals being calculated as relative to the first inter-keystroke interval provides for simple computation of the required relative ratios.
- the method further comprises the step of entry by the user of the reference unique identifier and wherein said predetermined tolerance is determined during said step of entry by the user of the reference unique identifier.
- This allows the method to determine the most appropriate tolerance from the initial entry of the reference unique identifier. The tolerance must be sufficiently large that authentication is not refused due to minor variations in entry of the unique identifier, but also that authentication is not given when the unique identifier is not entered by the authorized user.
- said predetermined tolerance is explicitly set by the user.
- the invention also provides a computer program comprising computer program code means adapted to perform the steps of any one of the methods described above.
- rhythm is intended to mean absolute measures of the time interval between the entry of each character or number of the password and password is taken to mean a password, code or identification number. That is, for example, if the characters being entered are “fred”, then the interval between entering each of characters “f” and “r” might be 203 milliseconds (mS), the interval between entering each of characters “r” and “e” might also be 203 mS, and the interval between entering each of characters “e” and “d” might be 156 mS.
- Rhythm Tolerance is intended to mean the variation from these absolute values that are permitted for the rhythm of the entry of the password, code or identification number to be accepted. For example, using the intervals mentioned above, with a Rhythm Tolerance of 25%, a range of 153 mS to 253 mS (203 mS plus or minus 25%) might be acceptable for the interval between entering “f” and “r” and a range of 117 mS to 195 mS (156 mS plus or minus 25%) might be acceptable for the interval between entering “e” and “d”.
- tempo is intended to mean relative measures of the time interval between the entry of each character or number of a password, code or identification number.
- Tempo Tolerance is taken to mean the variation from these Tempo (relative) values that are permitted for the rhythm of the entry of the password, code or identification number to be accepted.
- FIG. 1 is a flow diagram of a learning mode of an embodiment of the present invention
- FIG. 2 is a screen image at step 102 of FIG. 1;
- FIG. 3 is a screen image after step 104 of FIG. 1;
- FIG. 4 is a screen image after step 106 of FIG. 1;
- FIG. 5 is a screen image of the error indication displayed at step 110 of FIG. 1;
- FIG. 6 is a flow diagram of a secure mode of an embodiment of the present invention.
- FIG. 7 is a screen image of the error indication displayed at step 614 of FIG. 6;
- FIG. 8 is a screen image of the error indication displayed at step 610 of FIG. 6;
- FIG. 9 is a screen image of the error indication displayed at step 618 of FIG. 6.
- FIG. 10 is a screen image of the tempo checking portion of the present invention.
- the system into which the password is entered must learn the rhythm associated with a password when it is first entered.
- the system does this by having a Learning Mode in which the password is entered and the rhythm is learnt. This might be a single entry of the password, but is preferably at least three entries of the password in order to allow for variation in entry of the password.
- a Secure Mode is used, in which the password is entered and checked.
- FIG. 1 shows a flow diagram of a Learning Mode of a first embodiment of the present invention.
- a program window shown in FIG. 2 is created on the screen.
- the program window 200 has a window title 202 of “No Reference Password”.
- a Rhythm Tolerance slider 204 is set to an initial value of 25%.
- Push-button 210 identifies that this is a LearnMode.
- Push-button 206 to enter Secure Mode and tick-box 208 to Enable Rhythm Checking are initially disabled.
- the Enter Password window 212 is initially blank, ready for entry of a password.
- the message window 214 is initially empty.
- a first entry of a password is made.
- the window title 302 is now Reference Password: ‘fred’, since the password entered was “fred”.
- a message is displayed in the message box 214 which says “New reference password accepted.
- the password that was typed in appears in the Enter Password window 212 and learn count window 218 has the text “0 Learnt” displayed in it because although one password entry has been made, this has been used to determine what characters or numbers the password consists of.
- this first entry of the password could be used as part of the learning process.
- FIG. 4 shows a screen shot taken after the second entry of the password has been made.
- each character of the password is entered, it is displayed in the message box 214 with the elapsed time interval between entry of each character in ms shown. Additionally, an acceptable range of time intervals computed using the rhythm tolerance may be shown. In the example of FIG. 4, this is not shown until a third entry of the password had been made, although this is not an essential feature of the invention and it could be shown after a first entry, or a second entry or a subsequent entry of the password.
- step 108 of FIG. 1 If the second entry of the password matched the first entry of the password, the words “Password accepted.” are displayed and the learn count window 218 now displays a learn count of 1. Processing moves to step 112 of FIG. 1 where an acceptable range of rhythm values is set. As an example, the message window of a subsequent entry might show:
- the acceptable rhythm range has been set between 153 ms and 253 ms for the time interval between entry of “f” and “r”, that is the time interval for the initial entry with a 25% tolerance applied.
- the ranges are 153 ms to 253 ms and 117 to 195 ms respectively.
- the time interval between entry of “f” and “r” was outside the acceptable range and so failed for that entry.
- the time intervals between entry of “r” and “e” and for “e” and “d” were within the acceptable ranges for those time intervals and so passed for those entries.
- FIG. 5 shows a screen shot taken after an incorrect second entry of the password has been made.
- the words “Password text incorrect.” and “Password not accepted.” are displayed in the message window 214 and the learn count displayed in the learn count window 218 is not incremented.
- An “Invalid Entry” indication 502 is displayed in the program window 500 .
- a Secure Mode is enabled and the push-button 206 for the Secure Mode may be selected.
- a check is made as to whether the Secure Mode has been selected. If the Secure Mode has been selected, then the Learning Mode is exited at step 118 of FIG. 1 and the Secure Mode (described later with reference to FIG. 6) is entered.
- subsequent entries of the password can be made at step 120 of FIG. 1.
- a test is done to see if a subsequent entry matches the first entry. If a subsequent entry does match a first entry, then at step 124 of FIG. 1 the acceptable range is modified to take into account the values of the subsequent entry and processing returns to step 116 of FIG. 1. If a subsequent entry does not match the first entry, then an error indication is displayed at step 126 before processing returns to step 116 of FIG. 1.
- FIG. 6 shows a flow diagram of a Secure Mode.
- a secure mode is entered at step 602 .
- Rhythm checking is allowed, although not enabled at step 604 . This is achieved in the exemplary embodiment by allowing selection of the tick box ( 208 in FIG. 7) but not having the tick box ticked by default.
- the password is entered by the user.
- a check is made as to whether or not the password text is correct. If the password text is not correct, then “Password text incorrect” and “Password not accepted” messages are displayed in the message box ( 214 in FIG. 8) and an indication ( 502 in FIG. 8) is provided that the password is an invalid entry and an indication ( 802 in FIG. 8) is provided that the password is not accepted. Processing returns to step 606 to accept the entry of password. If the password text is correct, then at step 612 , a check is made as to whether rhythm checking is enabled. If rhythm checking is not enabled, then at step 614 the password is accepted and a “Password accepted” message is displayed in the message box ( 214 in FIG. 7) and an indication ( 702 in FIG. 7) is displayed that the password is accepted.
- rhythm checking is enabled, then at step 616 , the individual time intervals are checked to see if they fall within the respective ranges for those time intervals. If any of the time intervals do not fall within the acceptable ranges, then “Password rhythm incorrect” and “Password not accepted” messages are displayed in the message box ( 214 in FIG. 9) and an indication ( 802 in FIG. 9) is provided that the password is not accepted. Processing returns to step 606 to accept the entry of password. If all of the time intervals fall within the acceptable ranges, then at step 620 the password is accepted and a “Password accepted” message is displayed in the message box ( 214 in FIG. 7) and an indication ( 702 in FIG. 7) is displayed that the password is accepted.
- tempo is intended to mean relative measures of the time interval between the entry of each character or number of a password, code or identification number. That is, for example, if the characters being entered are “fred”, then the interval between entering “f” and “r” might be 203 mS, the interval between entering “r” and “e” might also be 203 mS and the interval between entering “e” and “d” might be 156 mS.
- the first inter-character interval that is, the interval between entering “f” and “r”, may be used as an “anchor” for checking the relative timing for the rest of the password.
- the second and subsequent inter-character intervals are divided by this first interval to give values for the tempo. So the Tempo value for the interval between entering “r” and “e” would be 203 mS divided by 203 mS, that is 1.00 and the Tempo value for the interval between entering “e” and “d” might be 156 mS divided by 203 mS, that is 0.77.
- the average of the inter-character intervals may be used as an “anchor”.
- Tempo Tolerance is taken to mean the variation from these Tempo (relative) values that are permitted for the rhythm of the entry of the password, code or identification number to be accepted. For example, using the intervals mentioned above, with a Tempo Tolerance of 25%, a Tempo value of 0.75 to 1.25 (1.00 plus or minus 25%) might be acceptable for the interval between entering “r” and “e” and a range of 0.58 to 0.96 (0.77 plus or minus 25%) might be acceptable for the interval between entering “e” and “d”.
- the system into which the password is entered must learn the tempo associated with a password when it is first entered.
- the system does this by using a Learning Mode and a Secure Mode in which the password is entered and the tempo is learned.
- FIG. 10 shows a program window 1000 with a window title 202 of “Reference Password: “fred”.
- a Rhythm Tolerance slider 204 is set to an initial value of 25% and a Tempo Tolerance slider 1002 is set to an initial value of 25%.
- Tick-box 1004 is included to enable Tempo checking.
- Message window 214 shows the elapsed time interval between entry of each character in ms, the range that is acceptable and whether the time interval is within the acceptable range. Additionally or alternatively for this embodiment, the reference tempo is shown, together with the minimum and maximum values and whether or not the tempo is within the tolerance range.
- FIG. 10 includes a graphical display 1006 of the rhythm and a graphical display 1008 of the tempo.
- the nominal value is shown together with the acceptable range. Additionally, the actual value for this entry is shown. It can then be seen graphically whether or not the actual value falls within the accepted range.
- FIGS. 2 to 5 and 7 to 10 and the associated description describe an embodiment that is a demonstration of the principles of the present invention.
- Considerable feedback is provided to the user in the embodiments described in order for the user to understand how the invention works and in order to allow the reader of this specification to fully understand the invention.
- Practical implementations of the invention however, though claimed herein, are not likely to include or require each and all of the heretofore explainede features. For example, it is unlikely that the window title of a practical implementation would include the test of the password itself.
- this password text has been included for exemplary purposes only. While the embodiments described might be implemented in a manner similar to that described for the learning mode, the secure mode a minimal user interface is likely to be used with the user merely being asked to provide a password and being informed whether or not that password has been accepted, without being told why it was not accepted. However, the principles of FIGS. 1 and 6 are likely to be implemented.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Social Psychology (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- User Interface Of Digital Computer (AREA)
Abstract
Description
- 1. Field of the Invention
- The present invention relates generally to the entry of passwords, codes or identification numbers into data processing systems, Automated Teller Machines (ATMs), locks, or other security or access control type devices. More particularly, the invention relates to the checking of the rhythm and tempo used for entry of the password, code or identification number.
- 2. Description of Related Art
- It is known that IBM Technical Disclosure Bulletin v.30, n.5, October 1987, p.258, entitled “Passwords for Computer Systems and Cipher Locks Containing Rhythm Patterns” discloses the use of a password with timing constraints such as the pauses between key-presses or the duration of the key-press being added. The pauses or duration are predefined and may be either “long” or short” and may be either relative to each other or absolute values.
- U.S. Pat. No. 4,621,334 discloses a personal identification apparatus in which a mean time between keystrokes is used to determine whether a person attempting to gain access is the person who should be granted access to the system.
- U.S. Pat. No. 4,805,222 discloses a method of verifying a person's identity by measuring the average inter-character time between successive pairs of keystrokes and comparing this with a pre-stored sample.
- U.S. Pat. No. 5,557,686 discloses a user verification system in which vectors are constructed from user inputted samples and a neural network is used to determine whether the user inputted samples are similar to a sample entered for user verification.
- U.S. Pat. No. 5,721,765 discloses a security system in which digits of an identification number are separated into two or more groups that must be entered with a predetermined time delay between each of the two or more groups.
- U.S. Pat. No. 6,151,593 discloses a neural network which compares a timing vector extracted from the keystrokes a user has typed in with a training set to authenticate the identity of the user.
- It would be desirable to allow entry of a password, code or identification number according to a rhythm and tempo defined by the user entering the password, code or identification number during a learning period.
- Accordingly the invention provides a method of authenticating a user where the method comprises: providing a user unique identifier, the unique identifier comprising both a sequence of keystrokes and the inter-keystroke intervals associated with provision of those keystrokes; comparing the unique identifier provided by the user with a reference unique identifier by: comparing the absolute inter-keystroke intervals of the unique identifier with the absolute inter-keystroke intervals of the reference unique identifier and returning a true indication if the absolute inter-keystroke interval of the unique identifier is within a predetermined tolerance of the absolute inter-keystroke interval of the reference identifier; comparing the relative inter-keystroke intervals of the unique identifier with the relative inter-keystroke intervals of the reference unique identifier and returning a true indication if the relative inter-keystroke interval of the unique identifier is within a predetermined tolerance of the relative inter-keystroke interval of the reference identifier; authenticating said user if both said absolute comparison step and said relative comparison step return a true indication.
- The invention has the advantage that both the absolute inter-keystroke interval and the relative inter-keystroke interval are compared and if the two comparisons are sufficiently close, that is, within a predetermined tolerance, then the comparison is true. In this way a user can add a rhythm and a tempo to the way in which they enter the unique identifier.
- In a preferred embodiment, the relative inter-keystroke intervals are the ratio of the inter-keystroke intervals and the inter-keystroke interval between entry of the first of said sequence of keystrokes and the second of said sequence of keystrokes. The use of the relative inter-keystroke intervals being calculated as relative to the first inter-keystroke interval provides for simple computation of the required relative ratios.
- In a preferred embodiment, the method further comprises the step of entry by the user of the reference unique identifier and wherein said predetermined tolerance is determined during said step of entry by the user of the reference unique identifier. This allows the method to determine the most appropriate tolerance from the initial entry of the reference unique identifier. The tolerance must be sufficiently large that authentication is not refused due to minor variations in entry of the unique identifier, but also that authentication is not given when the unique identifier is not entered by the authorized user.
- In a further aspect of a preferred embodiment, said predetermined tolerance is explicitly set by the user. In some applications, it may be determined that a particular tolerance should be used and that the user should achieve this tolerance in order for the unique identifier to be accepted. For example, if during entry of the reference unique identifier, there is a large variation in the relative or absolute values of the inter-keystroke intervals, then that would allow future entry of the unique identifier with a large tolerance. It may be desirable to limit the tolerance or to explicitly set the tolerance.
- The invention also provides a computer program comprising computer program code means adapted to perform the steps of any one of the methods described above.
- As used herein, “rhythm” is intended to mean absolute measures of the time interval between the entry of each character or number of the password and password is taken to mean a password, code or identification number. That is, for example, if the characters being entered are “fred”, then the interval between entering each of characters “f” and “r” might be 203 milliseconds (mS), the interval between entering each of characters “r” and “e” might also be 203 mS, and the interval between entering each of characters “e” and “d” might be 156 mS.
- Also, as used herein, “Rhythm Tolerance” is intended to mean the variation from these absolute values that are permitted for the rhythm of the entry of the password, code or identification number to be accepted. For example, using the intervals mentioned above, with a Rhythm Tolerance of 25%, a range of 153 mS to 253 mS (203 mS plus or
minus 25%) might be acceptable for the interval between entering “f” and “r” and a range of 117 mS to 195 mS (156 mS plus orminus 25%) might be acceptable for the interval between entering “e” and “d”. - Further, as used herein, “tempo” is intended to mean relative measures of the time interval between the entry of each character or number of a password, code or identification number.
- Also, as used herein, “Tempo Tolerance” is taken to mean the variation from these Tempo (relative) values that are permitted for the rhythm of the entry of the password, code or identification number to be accepted.
- Other aspects, features, and advantages of the present invention will become more fully apparent from the following detailed description, the appended claims, and the accompanying drawings in which:
- FIG. 1 is a flow diagram of a learning mode of an embodiment of the present invention;
- FIG. 2 is a screen image at
step 102 of FIG. 1; - FIG. 3 is a screen image after
step 104 of FIG. 1; - FIG. 4 is a screen image after
step 106 of FIG. 1; - FIG. 5 is a screen image of the error indication displayed at
step 110 of FIG. 1; - FIG. 6 is a flow diagram of a secure mode of an embodiment of the present invention;
- FIG. 7 is a screen image of the error indication displayed at
step 614 of FIG. 6; - FIG. 8 is a screen image of the error indication displayed at
step 610 of FIG. 6; - FIG. 9 is a screen image of the error indication displayed at
step 618 of FIG. 6; and - FIG. 10 is a screen image of the tempo checking portion of the present invention.
- The use of figure reference labels in the claims is intended to identify one or more possible embodiments of the claimed subject matter in order to facilitate the interpretation of the claims. Such labeling is not to be construed as necessarily limiting the scope of those claims to the embodiments shown in the corresponding figures. The preferred embodiments of the present invention and its advantages are best understood by referring to the drawings, like numerals being used for like and corresponding parts of the various drawings. Reference herein to “one embodiment” or “an embodiment” means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the invention, but not necessarily in all. The appearances of the phrase “in one embodiment” in various places in the specification, sequentially or otherwise, does not necessarily indicate that each phrase refers to or is used in reference to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. The description herein is largely based on a particular method as developed by the inventors identified above. Those skilled in the art will appreciate that the description can be equally applied to other methods involving security, passwords and the like.
- When a password, code or identification number is entered into a system by a user, there is typically a rhythm associated with the entry of the characters or numbers of the password, code or identification number.
- If the rhythm aspect of password entry is to be used, the system into which the password is entered must learn the rhythm associated with a password when it is first entered. The system does this by having a Learning Mode in which the password is entered and the rhythm is learnt. This might be a single entry of the password, but is preferably at least three entries of the password in order to allow for variation in entry of the password. Once the password has been learned, a Secure Mode is used, in which the password is entered and checked.
- FIG. 1 shows a flow diagram of a Learning Mode of a first embodiment of the present invention. At step102 (initialization), a program window (shown in FIG. 2) is created on the screen. Referring to FIG. 2, the
program window 200 has awindow title 202 of “No Reference Password”. ARhythm Tolerance slider 204 is set to an initial value of 25%. Push-button 210 identifies that this is a LearnMode. Push-button 206 to enter Secure Mode and tick-box 208 to Enable Rhythm Checking are initially disabled. TheEnter Password window 212 is initially blank, ready for entry of a password. Themessage window 214 is initially empty. - At
step 104 of FIG. 1, a first entry of a password is made. In the screen shot of the exemplary embodiment shown in FIG. 3, thewindow title 302 is now Reference Password: ‘fred’, since the password entered was “fred”. A message is displayed in themessage box 214 which says “New reference password accepted. The password that was typed in appears in theEnter Password window 212 and learncount window 218 has the text “0 Learnt” displayed in it because although one password entry has been made, this has been used to determine what characters or numbers the password consists of. In alternative embodiments, this first entry of the password could be used as part of the learning process. - At
step 106 of FIG. 1, a second entry of the password is made. FIG. 4 shows a screen shot taken after the second entry of the password has been made. As each character of the password is entered, it is displayed in themessage box 214 with the elapsed time interval between entry of each character in ms shown. Additionally, an acceptable range of time intervals computed using the rhythm tolerance may be shown. In the example of FIG. 4, this is not shown until a third entry of the password had been made, although this is not an essential feature of the invention and it could be shown after a first entry, or a second entry or a subsequent entry of the password. - When the Enter key or another key representing completion of the password entry process is pressed, then processing moves to step108 of FIG. 1. If the second entry of the password matched the first entry of the password, the words “Password accepted.” are displayed and the learn
count window 218 now displays a learn count of 1. Processing moves to step 112 of FIG. 1 where an acceptable range of rhythm values is set. As an example, the message window of a subsequent entry might show: - ‘f’ (0 ms) [Range: 0->0] PASS
- ‘r’ (265 ms) [153->253] FAIL (Slow)
- ‘e’ (203 ms) [153->253] PASS
- ‘d’ (157 ms) [117->195] PASS
- Password accepted.
- In the example above, the acceptable rhythm range has been set between 153 ms and 253 ms for the time interval between entry of “f” and “r”, that is the time interval for the initial entry with a 25% tolerance applied. Similarly, for the time interval between entry of “r” and “e” and for “e” and “d”, where the ranges are 153 ms to 253 ms and 117 to 195 ms respectively. The time interval between entry of “f” and “r” was outside the acceptable range and so failed for that entry. The time intervals between entry of “r” and “e” and for “e” and “d” were within the acceptable ranges for those time intervals and so passed for those entries.
- However, if the second entry of the password does not match the first entry of the password, processing passes to step110 of FIG. 1. FIG. 5 shows a screen shot taken after an incorrect second entry of the password has been made. Preferably, the words “Password text incorrect.” and “Password not accepted.” are displayed in the
message window 214 and the learn count displayed in thelearn count window 218 is not incremented. An “Invalid Entry”indication 502 is displayed in theprogram window 500. - Once sufficient entries of the correct password have been made for a valid acceptable rhythm range to be determined, then at
step 114 of FIG. 1, a Secure Mode is enabled and the push-button 206 for the Secure Mode may be selected. Atstep 116 of FIG. 1, a check is made as to whether the Secure Mode has been selected. If the Secure Mode has been selected, then the Learning Mode is exited atstep 118 of FIG. 1 and the Secure Mode (described later with reference to FIG. 6) is entered. - If the Secure Mode is not selected, then subsequent entries of the password can be made at
step 120 of FIG. 1. Atstep 122 of FIG. 1 a test is done to see if a subsequent entry matches the first entry. If a subsequent entry does match a first entry, then atstep 124 of FIG. 1 the acceptable range is modified to take into account the values of the subsequent entry and processing returns to step 116 of FIG. 1. If a subsequent entry does not match the first entry, then an error indication is displayed atstep 126 before processing returns to step 116 of FIG. 1. - Referring now to FIG. 6 which shows a flow diagram of a Secure Mode. A secure mode is entered at
step 602. Rhythm checking is allowed, although not enabled atstep 604. This is achieved in the exemplary embodiment by allowing selection of the tick box (208 in FIG. 7) but not having the tick box ticked by default. Atstep 606, the password is entered by the user. - At
step 608, a check is made as to whether or not the password text is correct. If the password text is not correct, then “Password text incorrect” and “Password not accepted” messages are displayed in the message box (214 in FIG. 8) and an indication (502 in FIG. 8) is provided that the password is an invalid entry and an indication (802 in FIG. 8) is provided that the password is not accepted. Processing returns to step 606 to accept the entry of password. If the password text is correct, then atstep 612, a check is made as to whether rhythm checking is enabled. If rhythm checking is not enabled, then atstep 614 the password is accepted and a “Password accepted” message is displayed in the message box (214 in FIG. 7) and an indication (702 in FIG. 7) is displayed that the password is accepted. - If rhythm checking is enabled, then at
step 616, the individual time intervals are checked to see if they fall within the respective ranges for those time intervals. If any of the time intervals do not fall within the acceptable ranges, then “Password rhythm incorrect” and “Password not accepted” messages are displayed in the message box (214 in FIG. 9) and an indication (802 in FIG. 9) is provided that the password is not accepted. Processing returns to step 606 to accept the entry of password. If all of the time intervals fall within the acceptable ranges, then atstep 620 the password is accepted and a “Password accepted” message is displayed in the message box (214 in FIG. 7) and an indication (702 in FIG. 7) is displayed that the password is accepted. - In addition to checking the rhythm of entry of the password, the tempo is checked. As used herein, “tempo” is intended to mean relative measures of the time interval between the entry of each character or number of a password, code or identification number. That is, for example, if the characters being entered are “fred”, then the interval between entering “f” and “r” might be 203 mS, the interval between entering “r” and “e” might also be 203 mS and the interval between entering “e” and “d” might be 156 mS. The first inter-character interval, that is, the interval between entering “f” and “r”, may be used as an “anchor” for checking the relative timing for the rest of the password. The second and subsequent inter-character intervals are divided by this first interval to give values for the tempo. So the Tempo value for the interval between entering “r” and “e” would be 203 mS divided by 203 mS, that is 1.00 and the Tempo value for the interval between entering “e” and “d” might be 156 mS divided by 203 mS, that is 0.77.
- In an alternative embodiment, the average of the inter-character intervals may be used as an “anchor”.
- Also, as used herein, “Tempo Tolerance” is taken to mean the variation from these Tempo (relative) values that are permitted for the rhythm of the entry of the password, code or identification number to be accepted. For example, using the intervals mentioned above, with a Tempo Tolerance of 25%, a Tempo value of 0.75 to 1.25 (1.00 plus or minus 25%) might be acceptable for the interval between entering “r” and “e” and a range of 0.58 to 0.96 (0.77 plus or minus 25%) might be acceptable for the interval between entering “e” and “d”.
- As for the rhythm aspect of password entry, the system into which the password is entered must learn the tempo associated with a password when it is first entered. The system does this by using a Learning Mode and a Secure Mode in which the password is entered and the tempo is learned.
- FIG. 10 shows a
program window 1000 with awindow title 202 of “Reference Password: “fred”. ARhythm Tolerance slider 204 is set to an initial value of 25% and aTempo Tolerance slider 1002 is set to an initial value of 25%. Tick-box 1004 is included to enable Tempo checking.Message window 214 shows the elapsed time interval between entry of each character in ms, the range that is acceptable and whether the time interval is within the acceptable range. Additionally or alternatively for this embodiment, the reference tempo is shown, together with the minimum and maximum values and whether or not the tempo is within the tolerance range. - Additionally, the embodiment of FIG. 10 includes a
graphical display 1006 of the rhythm and agraphical display 1008 of the tempo. The nominal value is shown together with the acceptable range. Additionally, the actual value for this entry is shown. It can then be seen graphically whether or not the actual value falls within the accepted range. - FIGS.2 to 5 and 7 to 10 and the associated description describe an embodiment that is a demonstration of the principles of the present invention. Considerable feedback is provided to the user in the embodiments described in order for the user to understand how the invention works and in order to allow the reader of this specification to fully understand the invention. Practical implementations of the invention however, though claimed herein, are not likely to include or require each and all of the heretofore explainede features. For example, it is unlikely that the window title of a practical implementation would include the test of the password itself.
- Further, this password text has been included for exemplary purposes only. While the embodiments described might be implemented in a manner similar to that described for the learning mode, the secure mode a minimal user interface is likely to be used with the user merely being asked to provide a password and being informed whether or not that password has been accepted, without being told why it was not accepted. However, the principles of FIGS. 1 and 6 are likely to be implemented.
- It will be further understood that various changes in the details, materials, and arrangements of the parts which have been described and illustrated in order to explain the nature of this invention may be made by those skilled in the art without departing from the principle and scope of the invention as expressed in the following claims. Although the steps in the following method claims, if any, are recited in a particular sequence with corresponding labeling, unless the claim recitations otherwise imply a particular sequence for implementing some or all of those steps, those steps are not necessarily intended to be limited to being implemented in that particular sequence.
Claims (5)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GBGB0229727.3A GB0229727D0 (en) | 2002-12-19 | 2002-12-19 | Improved password entry |
GB0229727.3 | 2002-12-19 |
Publications (1)
Publication Number | Publication Date |
---|---|
US20040162999A1 true US20040162999A1 (en) | 2004-08-19 |
Family
ID=9950094
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/727,372 Active 2026-01-19 US7305559B2 (en) | 2002-12-19 | 2003-12-04 | Software method for improved password entry |
US10/727,428 Abandoned US20040162999A1 (en) | 2002-12-19 | 2003-12-04 | Method for improved password entry |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/727,372 Active 2026-01-19 US7305559B2 (en) | 2002-12-19 | 2003-12-04 | Software method for improved password entry |
Country Status (2)
Country | Link |
---|---|
US (2) | US7305559B2 (en) |
GB (1) | GB0229727D0 (en) |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070198712A1 (en) * | 2006-02-07 | 2007-08-23 | Biopassword, Inc. | Method and apparatus for biometric security over a distributed network |
US20070233667A1 (en) * | 2006-04-01 | 2007-10-04 | Biopassword, Llc | Method and apparatus for sample categorization |
US20070234056A1 (en) * | 2006-03-31 | 2007-10-04 | Biopassword, Llc | Method and apparatus for multi-distant weighted scoring system |
US20070245151A1 (en) * | 2004-10-04 | 2007-10-18 | Phoha Vir V | System and method for classifying regions of keystroke density with a neural network |
US20070300077A1 (en) * | 2006-06-26 | 2007-12-27 | Seshadri Mani | Method and apparatus for biometric verification of secondary authentications |
US20080066167A1 (en) * | 2006-09-12 | 2008-03-13 | Andri Michael J | Password based access including error allowance |
US20080098222A1 (en) * | 2004-09-22 | 2008-04-24 | Zilberman Arkady G | Device with built-in user authentication and method for user authentication and identity theft protection |
US20080195976A1 (en) * | 2007-02-14 | 2008-08-14 | Cho Kyung-Suk | Method of setting password and method of authenticating password in portable device having small number of operation buttons |
US20090150992A1 (en) * | 2007-12-07 | 2009-06-11 | Kellas-Dicks Mechthild R | Keystroke dynamics authentication techniques |
US7706574B1 (en) | 2003-11-06 | 2010-04-27 | Admitone Security, Inc. | Identifying and protecting composed and transmitted messages utilizing keystroke dynamics |
WO2011054718A1 (en) * | 2009-11-06 | 2011-05-12 | Psylock Gmbh | Method and apparatus for avoiding manipulations in authentication and/or identification systems by means of typing behaviour |
US8020005B2 (en) | 2005-12-23 | 2011-09-13 | Scout Analytics, Inc. | Method and apparatus for multi-model hybrid comparison system |
US9454655B2 (en) | 2011-08-31 | 2016-09-27 | International Business Machines Corporation | Creation of rhythmic password and authentication based on rhythmic password |
US10846385B1 (en) | 2019-10-11 | 2020-11-24 | Capital One Services, Llc | Systems and methods for user-authentication despite error-containing password |
Families Citing this family (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7502936B2 (en) * | 2001-02-14 | 2009-03-10 | Jsm Technologies, L.L.C. | System and method providing secure access to a computer system |
GB0229727D0 (en) * | 2002-12-19 | 2003-01-29 | Ibm | Improved password entry |
US8344851B2 (en) * | 2006-05-31 | 2013-01-01 | Samsung Electronics Co., Ltd. | Method for providing remote mobile device access and control |
US9672335B2 (en) * | 2009-12-17 | 2017-06-06 | Laird H Shuart | Cognitive-based logon process for computing device |
US20120246483A1 (en) * | 2011-03-25 | 2012-09-27 | Netanel Raisch | Authentication System With Time Attributes |
US8145913B1 (en) | 2011-08-30 | 2012-03-27 | Kaspersky Lab Zao | System and method for password protection |
TWI474703B (en) * | 2011-09-30 | 2015-02-21 | Ibm | Method and computer system for providing time ratio-based password/challenge authentication |
US9262603B2 (en) | 2011-10-21 | 2016-02-16 | International Business Machines Corporation | Advanced authentication technology for computing devices |
CN103455738A (en) * | 2012-06-04 | 2013-12-18 | 国际商业机器公司 | Method and computer device for providing time ratio-based password/challenge authentication |
US8942431B2 (en) * | 2012-06-24 | 2015-01-27 | Neurologix Security Group Inc | Biometrics based methods and systems for user authentication |
CN103873455B (en) | 2012-12-18 | 2019-05-17 | 阿里巴巴集团控股有限公司 | A kind of method and device of information checking |
US9213812B1 (en) * | 2012-12-28 | 2015-12-15 | Allscripts Software, Llc | Systems and methods related to security credentials |
US9390244B2 (en) * | 2013-03-12 | 2016-07-12 | Eric Lynch | Temporal security for controlled access systems |
CN105450405B (en) | 2014-07-18 | 2018-10-02 | 阿里巴巴集团控股有限公司 | A kind of setting of password and authentication method and system |
WO2017219376A1 (en) | 2016-06-25 | 2017-12-28 | 华为技术有限公司 | Method and apparatus for generating password by means of pressure touch control |
US10956558B2 (en) | 2018-10-31 | 2021-03-23 | Microsoft Technology Licensing, Llc | Methods for increasing authentication security |
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4805222A (en) * | 1985-12-23 | 1989-02-14 | International Bioaccess Systems Corporation | Method and apparatus for verifying an individual's identity |
US20010004759A1 (en) * | 1998-08-25 | 2001-06-21 | Osmonen Heikki | Method and system for approving a password |
US20020083347A1 (en) * | 2000-12-25 | 2002-06-27 | Akira Taguchi | Password generation and verification system and method therefor |
US6442692B1 (en) * | 1998-07-21 | 2002-08-27 | Arkady G. Zilberman | Security method and apparatus employing authentication by keystroke dynamics |
US20030172281A1 (en) * | 2002-03-05 | 2003-09-11 | Kun-Hak Lee | User authentication method using password |
US20040059950A1 (en) * | 2002-09-24 | 2004-03-25 | Bender Steven S. | Key sequence rhythm recognition system and method |
US20040143767A1 (en) * | 2002-12-19 | 2004-07-22 | International Business Machines Corporation | Software method for improved password entry |
US6895514B1 (en) * | 1999-06-25 | 2005-05-17 | Lucent Technologies Inc. | Method and apparatus for achieving secure password access |
US6901145B1 (en) * | 1999-04-08 | 2005-05-31 | Lucent Technologies Inc. | Generation of repeatable cryptographic key based on varying parameters |
US6912605B1 (en) * | 2002-03-29 | 2005-06-28 | Cypress Semiconductor Corp. | Method and/or apparatus for implementing security in keyboard-computer communication |
US6954862B2 (en) * | 2002-08-27 | 2005-10-11 | Michael Lawrence Serpa | System and method for user authentication with enhanced passwords |
US7062655B2 (en) * | 2002-01-23 | 2006-06-13 | International Business Machines Corporation | Method, system, and storage medium for determining trivial keyboard sequences of proposed passwords |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4621334A (en) * | 1983-08-26 | 1986-11-04 | Electronic Signature Lock Corporation | Personal identification apparatus |
US6202055B1 (en) * | 1996-08-21 | 2001-03-13 | Image Data, Llc | Positive identification display device and scanner for low cost collection and display of graphic and text data in a secure manner |
KR19990009965A (en) * | 1997-07-14 | 1999-02-05 | 정명식 | User authentication method using typing pattern |
US6817520B2 (en) * | 1997-10-02 | 2004-11-16 | Kroll Family Trust | Magnetic card swipe signature security system |
US6062474A (en) * | 1997-10-02 | 2000-05-16 | Kroll; Mark William | ATM signature security system |
US7043640B2 (en) * | 2001-02-14 | 2006-05-09 | Pritchard James B | Apparatus and method for protecting a computer system |
-
2002
- 2002-12-19 GB GBGB0229727.3A patent/GB0229727D0/en not_active Ceased
-
2003
- 2003-12-04 US US10/727,372 patent/US7305559B2/en active Active
- 2003-12-04 US US10/727,428 patent/US20040162999A1/en not_active Abandoned
Patent Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4805222A (en) * | 1985-12-23 | 1989-02-14 | International Bioaccess Systems Corporation | Method and apparatus for verifying an individual's identity |
US6442692B1 (en) * | 1998-07-21 | 2002-08-27 | Arkady G. Zilberman | Security method and apparatus employing authentication by keystroke dynamics |
US20010004759A1 (en) * | 1998-08-25 | 2001-06-21 | Osmonen Heikki | Method and system for approving a password |
US6901145B1 (en) * | 1999-04-08 | 2005-05-31 | Lucent Technologies Inc. | Generation of repeatable cryptographic key based on varying parameters |
US6895514B1 (en) * | 1999-06-25 | 2005-05-17 | Lucent Technologies Inc. | Method and apparatus for achieving secure password access |
US20020083347A1 (en) * | 2000-12-25 | 2002-06-27 | Akira Taguchi | Password generation and verification system and method therefor |
US7062655B2 (en) * | 2002-01-23 | 2006-06-13 | International Business Machines Corporation | Method, system, and storage medium for determining trivial keyboard sequences of proposed passwords |
US20030172281A1 (en) * | 2002-03-05 | 2003-09-11 | Kun-Hak Lee | User authentication method using password |
US6912605B1 (en) * | 2002-03-29 | 2005-06-28 | Cypress Semiconductor Corp. | Method and/or apparatus for implementing security in keyboard-computer communication |
US6954862B2 (en) * | 2002-08-27 | 2005-10-11 | Michael Lawrence Serpa | System and method for user authentication with enhanced passwords |
US20040059950A1 (en) * | 2002-09-24 | 2004-03-25 | Bender Steven S. | Key sequence rhythm recognition system and method |
US20040143767A1 (en) * | 2002-12-19 | 2004-07-22 | International Business Machines Corporation | Software method for improved password entry |
US7305559B2 (en) * | 2002-12-19 | 2007-12-04 | Lenovo Singapore Pte Ltd. | Software method for improved password entry |
Cited By (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7706574B1 (en) | 2003-11-06 | 2010-04-27 | Admitone Security, Inc. | Identifying and protecting composed and transmitted messages utilizing keystroke dynamics |
US8766823B2 (en) | 2004-09-22 | 2014-07-01 | Bekad Mgmt. Ii, Llc. | Keyboard configurations |
US8065525B2 (en) | 2004-09-22 | 2011-11-22 | Bekad Mgmt. Ii, Llc | Device with built-in user authentication and method for user authentication and identity theft protection |
US20100302157A1 (en) * | 2004-09-22 | 2010-12-02 | Zilberman Arkady G | Keyboard Configurations |
US20080098222A1 (en) * | 2004-09-22 | 2008-04-24 | Zilberman Arkady G | Device with built-in user authentication and method for user authentication and identity theft protection |
US7701364B1 (en) * | 2004-09-22 | 2010-04-20 | Zilberman Arkady G | User input authentication and identity protection |
US7620819B2 (en) | 2004-10-04 | 2009-11-17 | The Penn State Research Foundation | System and method for classifying regions of keystroke density with a neural network |
US20070245151A1 (en) * | 2004-10-04 | 2007-10-18 | Phoha Vir V | System and method for classifying regions of keystroke density with a neural network |
US8020005B2 (en) | 2005-12-23 | 2011-09-13 | Scout Analytics, Inc. | Method and apparatus for multi-model hybrid comparison system |
US20070198712A1 (en) * | 2006-02-07 | 2007-08-23 | Biopassword, Inc. | Method and apparatus for biometric security over a distributed network |
US7526412B2 (en) | 2006-03-31 | 2009-04-28 | Biopassword, Inc. | Method and apparatus for multi-distant weighted scoring system |
US20070234056A1 (en) * | 2006-03-31 | 2007-10-04 | Biopassword, Llc | Method and apparatus for multi-distant weighted scoring system |
US20070233667A1 (en) * | 2006-04-01 | 2007-10-04 | Biopassword, Llc | Method and apparatus for sample categorization |
US20070300077A1 (en) * | 2006-06-26 | 2007-12-27 | Seshadri Mani | Method and apparatus for biometric verification of secondary authentications |
US20080066167A1 (en) * | 2006-09-12 | 2008-03-13 | Andri Michael J | Password based access including error allowance |
US20080195976A1 (en) * | 2007-02-14 | 2008-08-14 | Cho Kyung-Suk | Method of setting password and method of authenticating password in portable device having small number of operation buttons |
US8332932B2 (en) | 2007-12-07 | 2012-12-11 | Scout Analytics, Inc. | Keystroke dynamics authentication techniques |
US20090150992A1 (en) * | 2007-12-07 | 2009-06-11 | Kellas-Dicks Mechthild R | Keystroke dynamics authentication techniques |
WO2011054718A1 (en) * | 2009-11-06 | 2011-05-12 | Psylock Gmbh | Method and apparatus for avoiding manipulations in authentication and/or identification systems by means of typing behaviour |
US9454655B2 (en) | 2011-08-31 | 2016-09-27 | International Business Machines Corporation | Creation of rhythmic password and authentication based on rhythmic password |
US10846385B1 (en) | 2019-10-11 | 2020-11-24 | Capital One Services, Llc | Systems and methods for user-authentication despite error-containing password |
US11354389B2 (en) | 2019-10-11 | 2022-06-07 | Capital One Services, Llc | Systems and methods for user-authentication despite error-containing password |
Also Published As
Publication number | Publication date |
---|---|
US20040143767A1 (en) | 2004-07-22 |
US7305559B2 (en) | 2007-12-04 |
GB0229727D0 (en) | 2003-01-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7305559B2 (en) | Software method for improved password entry | |
US6954862B2 (en) | System and method for user authentication with enhanced passwords | |
US7802103B2 (en) | Key sequence rhythm recognition system and method | |
US7571326B2 (en) | Relative latency dynamics for identity authentication | |
US6151593A (en) | Apparatus for authenticating an individual based on a typing pattern by using a neural network system | |
US6442692B1 (en) | Security method and apparatus employing authentication by keystroke dynamics | |
KR101769119B1 (en) | Password Authentication System Based on Junk Data Coincidence and User Authentication Method thereof | |
US5608387A (en) | Personal identification devices and access control systems | |
JPS62157966A (en) | Method and apparatus for checking identity of person | |
US20070022299A1 (en) | Password authentication device, recording medium which records an authentication program, and authentication method | |
US7685431B1 (en) | System and method for determining relative strength and crackability of a user's security password in real time | |
US20150295913A1 (en) | Enhanced server/client login model | |
US20080034218A1 (en) | Key sequence rhythm guidance recognition system and method | |
WO1997023816A1 (en) | User identification system for data processing equipment with keyboard | |
US20160188855A1 (en) | Secure PIN Entry | |
US20080133933A1 (en) | Key sequence rhythm recognition system and method | |
CN109005140A (en) | A kind of method of safe account registering and logging | |
JPH0589324A (en) | Automatic cash transaction machine | |
JPH1115900A (en) | Password authentication system and recording medium recording processing procedure of the system | |
JP2008191942A (en) | Authentication device, authentication method and program | |
US20060136738A1 (en) | System and method for password validation | |
CN102089766A (en) | Method and apparatus for improving biometric identification systems | |
US20080028232A1 (en) | Key sequence recognition and password hardening system and method | |
RU2406143C2 (en) | Safe biometric authentication method | |
US6971014B1 (en) | Device and method for administration of identifying characteristics |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SCHREIBER, GRAEME G.;KNOX, ANDREW R.;REEL/FRAME:015470/0093;SIGNING DATES FROM 20040423 TO 20040428 |
|
AS | Assignment |
Owner name: LENOVO (SINGAPORE) PTE LTD.,SINGAPORE Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:INTERNATIONAL BUSINESS MACHINES CORPORATION;REEL/FRAME:016891/0507 Effective date: 20050520 Owner name: LENOVO (SINGAPORE) PTE LTD., SINGAPORE Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:INTERNATIONAL BUSINESS MACHINES CORPORATION;REEL/FRAME:016891/0507 Effective date: 20050520 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |