Browse Prior Art Database

Intentional user identity preservation with password protection key inclusion in laptops

IP.com Disclosure Number: IPCOM000202087D
Publication Date: 2010-Dec-03
Document File: 3 page(s) / 68K

Publishing Venue

The IP.com Prior Art Database

Abstract

Shoulder hacking has always been a problem for any user. With more mobility coming into our work environment and with the number of laptop users increasing day by day, the chances of password leaks are also increasing. Laptops used in public places are more vulnerable to password hacking. A person around us in public or in office or a surveillance camera on our top in a public place can be a possible source of threat, carefully watching our movement of fingers and recording the passwords.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 53% of the total text.

Page 01 of 3

Intentional user identity preservation with password protection key inclusion in laptops

The problem is - password entered into laptop can be leaked by carefully watching the movement of our fingers by persons around us.

The problem can be solved by choosing a proposed password mode of operation in laptops in which some of the keys will be disabled. The user will press a mixture of enabled and disabled keys giving the hacker a false impression. The user will configure a set of keys which gets disabled as soon as the user enters into password mode by pressing a password mode key
(

proposed new key). The user creates a false password on top of his original password. The false

password would be a mix of guanine and disabled keys. For ex. consider an 8 digit password "

afwk*647". The user configures c,l,2,5 keys to get disabled when he/she selects the password mode of operation. To enter this password, two steps are required.

1. The user will press a predefined set of key sequence like CTRL +

password mode key

Now the keys C,L,2,5 will get disabled.

                     afcwkl*64275 to enter password. Since keys c,l,2,5 are disabled, these keys won't form a part of the password and the hacker gets false impression that afcwkl*64275 is the password.

It decreases the chance of password leak in 2 ways:

1. It is more difficult for the hacker to carefully watch and remember more number of keys

pressed.

2. Even if he gathers all the keys pressed in right order, it is difficult for him to dig out the right password as some of the keys were pressed just to give false impression.

Benefit:

1. The proposed solution is independent of software applications running. It doesn't require any changes in the existing software's. Any application which requires a user to enter a password can work with it without any change in that software. Moreover there can be an option to the user to configure more than one password mode sequence. For ex., let us consider a user uses two password based applications very frequently and he/she needs to disable different sets of keys for each of the password. So he/she can configure two

password mode operations. Like he/she configures ctrl+

email password in which he has configured to disable A,B,C letters keys and he/she configures Ctrl+

password mode key + D to enter another password in which he/she has configured to

disable letters d,e,f letters keys.

2. Solution is very flexible. Every thing is configurable and up to the users choice to use. For more critical situations where high strength password is required, the user can choose to disable more keys and create a very long false password.

Notable feature:

1. Shoulder password hacking will get reduced thus making systems more secure. Currently, the

1

(new key) + W (or any preconfigured by user) key.


2.

Now the user will press keys

password mode key + L to...