Automated Shoulder Surfing Attacks (Computer Vision meets on screen keyboards) - mh_
http://blog.thinkst.com/2011/07/on-screen-keyboards-considered-harmful.html

======
yaakov34
We really, really need to move away from passwords as the primary security
mechanism. Let me count the ways:

(1) We cannot make people choose hard passwords. We just can't. As proven by
recent leaks in which people still, after a million warnings, have the dumbest
passwords.

But the problem is more serious: the goalposts keep moving. The current
standard - something like 10 random characters - is nearly impossible for
people to remember. I use longish passphrases anywhere this is allowed, but
it's blocked in lots of places, because, well, we can't have the network
overloaded with the extra 19 bytes of data.

(2) Shoulder-surfing and keyloggers are capable of permanently hijacking
passwords.

(3) Password managers do not provide the improvement we need - we can discuss
this separately.

Who is with me for making <http://en.wikipedia.org/wiki/Security_token>
absolutely ubiquitous? One additional thing I would like, which I think is
still not present in any of these devices, is the ability to compute
challenge-response internally, without relying on a client program on the
computer. Internal computation of challenge-response would make us safer at
untrusted terminals.

~~~
wazoox
Security tokens are far from a panacea, alas: remember how the best known one,
RSA SecurID, was compromised last year?
http://blogs.computerworld.com/17995/rsa_securid_hacked_2fa_fob_and_software_compromise

~~~
yaakov34
Oh, I completely agree, nothing is ever a panacea. But there is a difference
between a security incident and a fundamentally broken system. And I believe
that the current password systems are fundamentally broken in at least 2 ways:

(1) The permanent nature of the password, as opposed to one-time use (a
three-month limit changes little).

(2) The current system relies on the assumption of certain user behavior -
picking true high entropy passwords - which is just.not.going.to.happen. The lectures
we give users on how they are living in sin are about as likely to change
anything as the programs to educate "the new Socialist man".
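
The on-token challenge-response that yaakov34 argues for in both comments above (the key stays inside the token, the terminal only relays bytes, and each response is good for exactly one login) as an added example; it is not code from the thread or from any real token, and the Server/Token classes, user name and key are constructed for the demo:

```python
import hashlib
import hmac
import secrets


class Server:
    """Holds each user's shared secret and issues fresh, single-use challenges."""

    def __init__(self):
        self.keys = {}      # user -> shared secret, provisioned out of band
        self.pending = {}   # user -> outstanding challenge, consumed on use

    def enroll(self, user, key):
        self.keys[user] = key

    def challenge(self, user):
        nonce = secrets.token_bytes(16)   # unpredictable, never reused
        self.pending[user] = nonce
        return nonce

    def verify(self, user, response):
        nonce = self.pending.pop(user, None)   # a challenge is valid exactly once
        if nonce is None:
            return False
        expected = hmac.new(self.keys[user], nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)   # constant-time compare


class Token:
    """Computes the response on the device itself; the key never leaves it."""

    def __init__(self, key):
        self._key = key

    def respond(self, nonce):
        return hmac.new(self._key, nonce, hashlib.sha256).digest()


def login_via_terminal(server, token, user, observer):
    """The (possibly untrusted) terminal relays the exchange and logs what it sees."""
    nonce = server.challenge(user)
    response = token.respond(nonce)
    observer.append((nonce, response))   # all a keylogger or camera could capture
    return server.verify(user, response)


def replay_captured(server, user, observer):
    """Someone who logged the last exchange replays it against a new challenge."""
    _nonce, response = observer[-1]
    server.challenge(user)               # server issues a fresh nonce
    return server.verify(user, response) # old response no longer matches


def demo(user="alice"):
    key = secrets.token_bytes(32)        # constructed shared secret for the demo
    server, token, seen = Server(), Token(key), []
    server.enroll(user, key)
    first = login_via_terminal(server, token, user, seen)
    replayed = replay_captured(server, user, seen)
    return first, replayed               # (True, False)
```

Contrast with a static password: whatever the terminal captured in the first login would have worked again unchanged, which is the "permanent" property the second comment objects to.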