The idea of using a username and password to log into digital services has become so out-of-date and insecure that just about everyone is scrambling to find some kind of replacement. The latest password-free login solution comes from researchers working at the University of Plymouth.
The system is called GOTPass and it combines an unlock pattern (similar to the one you might have for your phone) with a picture of your choice—a truck or a seahorse or some other easily identifiable object.
Rather than having to remember a largely random collection of letters and numbers, you would simply draw your pattern and pick your icon out of a group of other images. This locks a one-time numerical code used to gain access to the app or site in question.
Not hack-proof yet
Unlike existing two-factor authentication systems, you don’t need to have a phone with you, but there’s still some work to do before the system is ready: the academics hacked their own system a total of 23 times from 690 attempts.
“There are alternative systems out there, but they are either very costly or have deployment constraints which mean they can be difficult to integrate,” says project leader Hussain Alsaiari. “The GOTPass system is easy to use and implement, while at the same time offering users confidence that their information is being held securely.”
If patterns and icons don’t work out then fingerprints, selfies, handshakes or text messages might have to do instead. Whatever the next step is, passwords are very definitely on the way out.
- And why is your password still password anyway?