Alright, alright. I’ve dawdled enough. Everybody say it at once now: “All you have to do is kidnap the password holder and force them at gunpoint to enter the password.” Doesn’t that feel good? Now let’s move on. Bojinov et all are aware of their method’s weaknesses, such as susceptibility to eavesdropping (they use the term “shoulder surfing”) [...]
Yesterday I featured the preliminary work of a Stanford/Northwestern University team claims to have succeeded in embedding 30-character passwords into the subconscious memory of it’s subjects. The group will present their findings at the 21st USENIX Security Symposium in August. The interesting part for me was how they accomplished this. As mentioned yesterday, implicit memory [...]