Kodewerx

Our culture has advanced beyond all that you could possibly comprehend with one hundred percent of your brain.
It is currently Sun Dec 08, 2024 7:38 am

All times are UTC - 8 hours [ DST ]




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Mon Jan 11, 2010 9:30 pm 
Offline
Krew (Admin)
Krew (Admin)
User avatar

Joined: Sun Oct 01, 2006 9:46 pm
Posts: 2331
Location: *poof*
Title: The Mad Hacker
http://www.w3.org/TR/html5/the-canvas-element.html

Don't you think that this element would make an awesome replacement for text passwords? That's the first thing that came to mind when I was reading the doc (linked above).

What do you think about this idea?

With a huge pallet of pre-defined colors, and/or a text field for the hex color, with a small canvas about 25px square (5x5), the number of possible passwords is far greater than a 25 character text password.



Oh, Security on over-the-shoulder-looking:
The square could use a white bg (meaning there is no color in that pixel or it is white) and every color you place is rendered as grayish in the square.
I don't know if there is option to do this built in, but maybe you could place the "real one" in a hidden div that reflects what you actually draw in. etc etc



HTML 5 isn't due to be finished until 10 years after the world ends but I think I'll definitely develop this, at least as an option, when it's ready.

_________________
Image


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Wed Jan 13, 2010 3:01 pm 
Offline
Komrade
Komrade

Joined: Tue Mar 27, 2007 10:18 am
Posts: 1328
Certainly sounds interesting, but it seems like something others would want to use and be irritated with if you didn't spec it just right.

Don't forget to add 3D support in some zany way when they implement that OpenGL API! Something like picking a color gives you a tiny cube of that color that you must place at a specific point in 3D space for the password to be accepted.

_________________
Image


Top
 Profile  
Reply with quote  
PostPosted: Thu Jan 14, 2010 11:34 pm 
Offline
Krew (Admin)
Krew (Admin)
User avatar

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3768
Title: All in a day's work.
Canvas is already here, and WebGL already showing progress. (Yes, I follow Mozilla blogs. Not so much Chrome/Safari/Opera, but they are doing some great stuff, too.)

_________________
I have to return some video tapes.

Feed me a stray cat.


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 17, 2010 12:52 am 
Offline
Komrade
Komrade
User avatar

Joined: Tue Mar 27, 2007 6:23 pm
Posts: 1354
Location: Mario Raceway, 1509.831, 217.198, -564.429
Title: Mario Kart 64 Hacker
Such graphical password inputs are nice in theory, but who is actually going to use and remember 99% of the possible inputs that just look like static garbage? It's not hard to remember something like "first letter of each word in some sentence" or "random Gameshark code I happened to memorize", but few are going to remember "black, white, white, white, black, white, black, white, white..." unless there's an obvious pattern to it, which severely weakens the security.

A few geeks might memorize a number, convert it to binary on the fly, and fill in the relevant pixels, but they'd also probably know well enough to use good strong passwords in the first place (and have the mental capacity to memorize strong passwords). Not to mention, you're turning the login process from two simple form fields into a graphical, Javascript-based, non-standards-compliant(?), not-widely-supported, easily-snooped-upon ordeal. Just requiring scripts for a login form is bad already; then add all this other nonsense that's not likely to work in a lot of browsers (handhelds in particular) and you've created one annoying site.

_________________
Image 143
HyperNova Software is now live (but may take a few tries to load) currently down; check out my PSP/DS/Game Boy/Windows/Linux homebrew, ROM hacks, and Gameshark codes!


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC - 8 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group