EpisoPass: Password Management based on Episodic Memories
Date: December 5 2016
Publication: 11th International Conference on Passwords (Passwords16 Bochum)
Source 1: http://masui.org/b0a971212a1c4898d1d66b28378586a1.pdf
Abstract or Summary:
We propose a password manager EpisoPass that supports the generation of strong passwords based on a user's secret episodic memories. To use EpisoPass, a user first collects question-answer pairs related to their own episodic memories. Each is registered with several possible answers: a single correct answer and multiple fake answers. When the user wants to generate a password, EpisoPass shows each question and list of possible answers and asks the user to select those that are correct. EpisoPass then generates a domain-unique password by substituting the characters of a seed string based on the selected answers. Through careful selection of memories and answers, EpisoPass provides an authentication step using memories that are easy to recall, but difficult for others to guess. In this way various strong passwords can be easily managed without the need for the master password or secret device that is otherwise required by conventional password managers. Using a browser extension, users can use EpisoPass directly on the login page of conventional Web services like Facebook, removing the need to type or copy a password string.
PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=mV6xlrRj8vE Project page: https://github.com/masui/EpisoPass
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.