GOTPass: new passwordless user authentication system

Over the past few years, it has been repeatedly suggested that the user authentication method using passwords is somewhat outdated. Some companies, agreeing with this opinion, are trying to create new authentication systems that would be more secure with standard methods and, at the same time, more convenient for work. One such system is being developed by researchers from the University of Plymouth.

Scientists called their project GOTPass, a combined system in which patterns, images, and a one-time password are combined. All this is needed to create a system that can be more convenient and more secure than the usual authentication methods.

GOTPass requires one-time setup. Here, the user will need to choose the method of connecting cells in an array of 4 * 4. After selecting a pattern, the user will see random images from which you will need to select one picture. As soon as this item is completed, the “password” will be ready for operation.
')
Now, when logging in, the system works quite simply for the user — you need to enter your login name and then draw your “graphic password”. The next step is a demonstration of a user from 16 images, of which two were selected during initial setup. As soon as the user selects the correct image, the system will give him a one-time password, which will need to be entered in a special field. The code is generated randomly, 8-character.

All this sounds rather complicated, but in fact, authentication using the new method takes no more time than entering a password. The team claims that the new system is still quite "raw." Further work will be carried out to increase the efficiency of such authentication and its convenience for the user. Now, the new authentication system was “hacked” 8 times out of 690. This is about 3.3%, which is pretty good.