Sick of forgetting passwords? Do you try entering yours multiple times before hitting that ‘forgot password’ link in disgust? Well, researchers from Xi’an Jiaotong-Liverpool University may have found a simple but effective solution, using an icon-based password system that plays on a human’s natural ability to tell stories.
Developed by Dr Hai-Ning Liang, Dr Charles Fleming and Ilesanmi Olade, the system – coined SemanticLock – relies on users to create their own unique story with predetermined icons to make a password.
Dr Fleming says if the new system, currently at prototype stage, is developed further, it could mean forgetting passwords would become a thing of the past.
“People aren’t programmed to memorise random digits or letters and this is why we have so much trouble remembering passwords,” he says.
“SemanticLock relies on a human’s aptitude for storytelling. Users pick a set of icons to make a story, creating a unique password that means something only to them.”
Co-researcher Dr Liang says their study has revealed icon-based passwords are much easier to remember than pin or pattern-based counterparts.
“Study participants were asked to remember passwords they had been given the week before – while only 30% of participants could recall the pattern password and 50% could remember the pin password, 90% remembered the SemanticLock password,” he says.
“We believe this is because people are naturally conditioned to retain stories that they can attach meaning to, over numbers or patterns that have no significance.”
Dr Fleming says SemanticLock also helps protect users from hackers.
“Pin passwords offer millions of password possibilities, but far less passwords are actually in use because most people pick something that is easy to remember, like a date,” he says.
“Besides significantly reducing the number of available password options, choosing a number with some meaning or pattern attached to it compromises the password’s security.
“A hacker just needs to know something about you – for example, age – and suddenly there is only a very small set of passwords they have to try to access your private information.
“This is what makes SemanticLock more secure – as it’s based on a user’s personal narrative, there is no information or data a hacker can use to predict the password.”
SemanticLock was developed by researchers from the Department of Computer Science and Software Engineering at XJTLU. XJTLU is the largest international collaborative university in China, a partnership between Xi’an Jiaotong University and the University of Liverpool.