A Keystroke-Dynamics Based Method for Passwordless Verification
Original Publication Date: 2009-Apr-22
Included in the Prior Art Database: 2009-Apr-22
This article proposes a keystroke-dynamics based method that allows an end user to log in to his/her machine with no password or special sensors. The core idea is that the machine learns the user's keystroke patterns and, on login attempt, presents some text for the user to type.
Ȉ ˇ ˄
The problem of verifying an end user at a computer/terminal is well known for decades. There are many known solutions to this problem, such as:
Passwords - There's a tradeoff between password strength and the end user ability to remember it
Biometric identification - Requires special hardware at the end point
- High false-positive ratio, sensitive to background noise
Ȉ ˇ ˄
Ȉ ˇ ˄ Ȉ ˇ ˄
and emotional variations
Keystroke verification  - Requires teaching the machine every time password is changed
Keystroke identification  - Requires additional verification method for the first ~100 characters typed, until the user is identified
We proposed a keystroke-dynamics based method that allows an end user to log in to his/her machine with no password or special sensors. The core idea is that the machine learns the users keystroke patterns and, on login attempt, presents some text for the user to type. The process has several stages:
1. Initial set-up:
After the user is created,
he is requested to type some random words, in order to create an initial keystroke dynamics patterns (several machine learning algorithms are presented in  and cited papers).
2. During subsequent sessions (after user is verified as later shown):
while performing his regular activities
(e.g. typing an email), provides input to the machine learning algorithm,
periodically) analyzes his ke...