Password for geeks - mix, but do not shake
If you are afraid of keyloggers and are able to say without thinking what letter in your password is in the Nth place, there is an original way to enter passwords for you, which will help to slightly increase their security.
If the author of the site made a simple text field for entering a password (of course, such as “password”, so that no one spied), then you can enter the password letter by word separately (not in order), of course, rearranging the cursor with the mouse so that the order of typing cannot be traced. cursor keys.
However, for the convenience of users, I propose to automate the mixing process for entering a password by setting a set of single-character cells instead of a simple text field:
')
After entering each character, the cursor is automatically transferred to one of the randomly selected unfilled cells, which is highlighted with a background for better visibility. Of course, no one bothers to rearrange the cursor manually. When sending a form, the password is collected in one line, while empty cells are skipped (not all passwords are equally long).
Advantages of this solution:
Obvious cons:
Warning: the idea was invented and published just for fun. I think it is obvious to everyone that this method cannot be the only option , but if someone implements it on his website as an alternative way to enter a password and this will attract a couple of geeks to his audience, it will be good.
If the author of the site made a simple text field for entering a password (of course, such as “password”, so that no one spied), then you can enter the password letter by word separately (not in order), of course, rearranging the cursor with the mouse so that the order of typing cannot be traced. cursor keys.
However, for the convenience of users, I propose to automate the mixing process for entering a password by setting a set of single-character cells instead of a simple text field:
')
After entering each character, the cursor is automatically transferred to one of the randomly selected unfilled cells, which is highlighted with a background for better visibility. Of course, no one bothers to rearrange the cursor manually. When sending a form, the password is collected in one line, while empty cells are skipped (not all passwords are equally long).
Advantages of this solution:
- protection against keyloggers, although you can still catch all the characters of the password, you will have to go through to N! (factorial) options to find the correct order.
- individual cells stimulate the user to choose longer passwords (and as you thought, when registering, you can enter the password in the same way) and show how much more free space is left.
- The password cannot be copied, which means it will have to be remembered and not stored in a potentially unsafe place on the computer.
- entering the password turns into an exciting game :)
Obvious cons:
- password entry takes longer
- Entering the password "purely mechanically" will no longer work, it will need to be remembered and broken into separate letters in your mind, which requires serious mental effort.
Warning: the idea was invented and published just for fun. I think it is obvious to everyone that this method cannot be the only option , but if someone implements it on his website as an alternative way to enter a password and this will attract a couple of geeks to his audience, it will be good.
Source: https://habr.com/ru/post/59152/
All Articles