Is that faded picture of Uncle Alfie a good security paradigm?

Cyber security and uncle Alfie. You remember him, you met him when you were six. Just that one time, sadly he passed away at the end of that year. You met him at a family reunion. He was there sitting in a chair not doing well. Chemo had really hit him hard. So the family had a reunion for the most part to say goodbye to Alfie.

Except now, you can use that moment as your security key. Imagine a time when security is visually identifying four or more pictures quickly in order correctly. Not pictures of you that any hacker could fine. Rather obscure pictures that you would remember from long ago. You know, that time you met Uncle Alfie. Or that girl you dated 30 years ago. Remember her? You have that one picture of her still. Or perhaps you would identify a picture of an event, that a person has been cut out of. Who was cut out? Identify the missing person.

As we move towards the information age (we are not there yet kids please stop asking). We have to consider security. More and more information is being posted on Facebook, Twitter and others. The social site du jour changes almost every hour now. Snapchat is the cool replacement for Instagram that replaced Tumblr and so on.

Security though, that we could use a number of different sources. What did you say in your 8th grade commencement speech? Identify Uncle Alfie and then also what he said to you. Remember? As you leaned in to give your Uncle a hug? He said something? What was it? That is a great security key, a quick way to easily secure information and data. By the way Uncle Alfie said “you can hug me, I won’t bite” so that’s probably not a great security key because he said that to everyone. Literally. The nurses at the hospice were tired of hearing it, every day.

A mix of audio, images and then ultimately video would allow for a better security infrastructure that more users could create more complex passwords without risking the password being so complex you had to write it down and put it in your wallet. What’s that Bucky? Someone stole your wallet? Better change your password. Right now in fact!

Today the analysts tell us that hackers are ahead. To a degree they will always be ahead. Why? They don’t have to defend a static location. They can move around and look for the easy targets. Arming more people with the ability to create easy to use complex passwords would then be valuable.

Let’s mix images. Uncle Alfie that one time you met him, sitting in a wheelchair. Oh yeah and that picture of your grandfather as he graduated high school and then that person you dated 22 years ago or 30 years ago. Not the person you were dating yesterday or a picture of a your significant other. Those are too easy to find. No kids or dogs. Frankly those are posted everywhere. Nope has to be things that you have to pause and consider for a second. Each one requiring a unique memory. That gives us a more secure infrastructure.

If you miss one, no problem we have 30 or more to choose from randomly. If you flip 30 pictures from your collection up randomly what is your error rate? 25 out of 30? Let’s figure that an error rate of 20% is acceptable. IF you miss 1, then you have to get 4 right. Miss 2 you have to get 8 right and so on. That way we have a secure system and you don’t get locked out because you forgot you had that picture of Uncle Alfie at Halloween dressed up as Captain Hook. Who knew who was behind that plastic nose anyway. I sure didn’t remember that picture.

Now you wouldn’t use this for data that required more advanced two-factor authentication although this could be one of the factors. You would still need a pin or a smart card to ensure the person accessing the data was allowed.

But we could quickly make it harder to get base information.

.doc

Cyber wanderer