Subj : Re: Presenting a new(?) idea for free open source software development To : comp.programming From : George Orwell Date : Mon Aug 08 2005 05:35 am -----BEGIN PGP SIGNED MESSAGE----- Bob McConnell wrote: > > On 7 Aug 2005 13:58:04 -0700, "Ingvald Straume (from Norway - Europe)" > wrote: > > >Hi! > > > >I'm a 32 years old novice to average programmer, and I have an idea > >which I believe to be fairly good: An authentification system to > >replace the old fashion password authentification method. The general > >idea is that a user - using the computer mouse - draws his/her > >signature onto a canvas on the login screen. The login program records, > >from millisecond to millisecond, the mouse motions and the curve drawn > >on the canvas by the user. Then the program compares the curve with an > >already stored pattern which has been preadapted to match the authentic > >users graphical mouse signature. > > > >I believe that this method will have some advantages compared to the > >traditional password security system: > > > >1) A graphical mouse login and authentification system is safe: Even if > >an intruder knows what the true user's signature looks like, he won't > >be able to reproduce it, because that requires that the signature is > >drawn in the true user's individual style and timing. > > > >2) Users will no longer need to remember passwords. > > > >A couple of years ago I wrote a demo-version ("beta 0.01 release") of > >the program. (It's in MS Visual Basic, because that was > >the tool available to me at the time of writing.) I will be happy to > >submit both the program and the source code, if anyone might be > >interested in discussing or colaborating on the idea. > > > >sincerely > >Ingvald Straume > >Norway, Europe > > There are devices available with the BioAPI that already do this. But > they hash the written image and compare it with the recorded template > inside of the box with the touchscreen. I wrote my signature on one at > Target just yesterday. > > Bob McConnell > N2SPP Seems a bit dubious, but I don't know, maybe there's a precedent for it. Seems unlikely, the idea mouse, or other input device timing, and rythm, or even resultant signiture form, and shape would be reliably consistent enough to make distinctions necessary for strict authentication. BC > > sincerely > Ingvald Straume > Norway, Europe -----BEGIN PGP SIGNATURE----- Version: N/A iQCVAwUBQvVPAqF0vu+BrKeVAQGOHwP/Yvr+JLtcxw1aFp93wkDvOPqlDm8sGoQR HTMl/4CBRL2kmVJKUFWFzkl2f7+B/hYYsluOJouxnChDAtJ+qARZO0Y6FPeBEHpy XEKDvXsMpZ241Jp/r6e53L0X52DMS05USWL9P89oV/cmZRleb9z4dDDWwzX932CE m4FDtafy4zg= =X6l3 -----END PGP SIGNATURE----- .