| ??? 10/05/11 13:26 Read: times |
#184061 - Yes, I do know the solution Responding to: ???'s previous message |
I have done that on a paper. And yes, I would consider it a stupid pattern for a secure login, since quite a lot of people do know about it. A secure login should not be based on what is "beautiful" but what is "arbitrary".
It is because I do know how to connect the 3x3-grid dots with just 4 straight lines that I do know that I need to continue with the lines outside the 3x3 matrix. And that at least my devices will consider that to be a "mouse up", and will end the input there. The 3x3 pattern is just consuming a too large part of the display - a problem you do not have when playing with this little party trick with pen and paper. But the important issue here is that the total number of combinations you can play with (using one, two, three, ... nine dots in the pattern) is very high. But I'm quite sure that a very large percentage of users would make use of a couple of thousand patterns. So for many people, the security would be limited to the pause the system introduces after multiple incorrect inputs to protect from a too fast scan of possible patterns. In the end - you may think it advanced and complex to span the dots with four lines. But this is a well-known problem with lots of people knowing the answer. And the just as important thing is that the Android system don't care about straight lines or twirls. Users who do limit their thinking to a couple of straight lines will quickly prune a huge set of solutions from the problem. Next thing you aren't considering is that when you press your finger on the display, you leave a trace of oil on the glass. Guess how visible your four straight lines would be, compared to a twirly pattern... Ever wondered why so huge number of computer systems and "secure" applications have been hacked? Quite a lot of people have tried to implement "clever" security code but seriously overestimated the security of their idea. People invent cryptographic methods that - despite having many steps and looking very complex - falls almost instantly from statistical analysis. People invent methods for signing, session management, ... that ends up almost as unsafe as no protection at all, because of bad seeds for random numbers. Your four-line-intersect is a party trick. Try it on your guests at home. But do not for a second consider it as a secure login pattern. |
| Topic | Author | Date |
| A quick question | 01/01/70 00:00 | |
| Many patterns complex/hard to enter | 01/01/70 00:00 | |
| oohh | 01/01/70 00:00 | |
| 9 points grid (3x3) 4lines ? | 01/01/70 00:00 | |
| Yes and no | 01/01/70 00:00 | |
| 3x3 grid in real life | 01/01/70 00:00 | |
| Not at all - goal is security, not puzzle | 01/01/70 00:00 | |
| Only one way to to connect 3x3 with 4 lines | 01/01/70 00:00 | |
| Stupid | 01/01/70 00:00 | |
| Stupid opinion | 01/01/70 00:00 | |
| Yes, I do know the solution | 01/01/70 00:00 | |
| Patterns ... | 01/01/70 00:00 | |
| No time. No acceleration. No lift. No finger outside screen. | 01/01/70 00:00 | |
Password Glyphs | 01/01/70 00:00 |