• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

Photos as Visual Passwords Could Foil Hackers?

April 18, 2006

Views: 236,844

I’ve tried out a few of these visual recognition password technique things, and to tell you the truth they didn’t work for me, not at all.

I clicked the requisite 3-4 spots on the image, and remembered them, but when I tried to login it wouldn’t accept it.

A password that uses images instead of numbers could give some people access to secure information on personal electronic devices or at ATMs within the next year.

The image authentication system uses a pair of digital images instead of a string of numbers to make logging in simple for the legitimate user, but difficult for impersonators.

“It is expected that many of the conventional user authentication systems would be able to be replaced with our scheme, since recognition of images is significantly easier for human beings than precise recall of passwords,” said team leader Masakatsu Nishigaki, a professor of informatics at Shizuoka University in Japan, where the system is being developed.

Source: Discovery Channel

There is a simple implementation of it I saw called Passclicks over at mininova

http://labs.mininova.org/passclicks/

Passclicks is a new way to login to websites without users having to remember thir old style textual password. Studies have revealed that humans are way better in remembering visual things than textual things. With passclicks your normal textual passwords are replaced with a sequence of clicks on an image.

It is true most people remember things a lot better visually.

I think the Japanese 4 ‘digit’ icon type password might be pretty good though, as a different form of pin number.

Share
Tweet
Share1
Buffer
WhatsApp
Email
1 Shares

Filed Under: Hacking News Tagged With: password-hacking, password-security, passwords



Reader Interactions

Comments

  1. Mariam Ayyash says

    April 18, 2006 at 9:22 am

    I tried it, i remembered only four clicks! it is very possible for me to keep forgetting one click :s so it doesnt always work, does it?

  2. Navaho Gunleg says

    April 18, 2006 at 12:09 pm

    I think the concept itself is original and pretty neat: the more happening on the image, the more possible locations one could click on, so the harder it will be to brute-force the password. Sure the demo is just a proof-of-concept, and it’s probably configurable in the end, but one shouldn’t even limit it to only 5 clicks.

    It could even be a bit ‘stronger’ if the person that wants to log-in has to choose one image out of many, first, and not always show the same scenic image of Amsterdam in the Netherlands…

    Problems though are, like happened to Mariam, that one could easily forgetting a click. Or one does remember the clicks, but forgot in what exact order.

    Then again, people have even worse problems remembering an alpha-numeric password at least 12 characters in length.

    I can definately see this type of thing taking off. It would suck pretty badly for existing text-based services though (such as SSH). Don’t get me wrong, some ASCII art looks pretty cool, but there may be some problems there. ;)

    But for websites it could do the job perfectly.

    Though, if it’s only to prevent people from forgetting their passcodes, I do not think that’s going to be solved. I grew up in the age of PIN codes and passwords so I don’t have any problems with remembering them, as long as I frequently use them. Most people will forget them because of exactly that. So this authentication scheme could fail just as much…

    Just my two cents…

  3. Darknet says

    April 19, 2006 at 4:06 am

    Mariam: No password works if you forgot 20% of it ;)

    Navaho: Yah it’s definately an interesting concept, how are you going to brute force the image? I did think of that though, the backend has to have some kind of image map which sends the co-ordinates or something similar to the server, so theoretically can’t you just send all combinations of all co-ordinates to the backend, in time ‘brute-forcing’ the image verification? I guess the entropy would be increased hugely if you used multiple random images like you said. Definately good for websites and things like PDA/smart phones where they already have visual navigation aids.

  4. Navaho Gunleg says

    April 19, 2006 at 6:22 am

    Darknet: Well, if the image would only show, say, portrait of someone, it could be possible for somebody else to guess the clicks looking for obvious spots to click. That’s the type of brute-forcing I meant. (One could also attempt random clicks every time until one succeeds but that’s pretty tedious.)

    So, in that respect, images are a better solution than a password in text. For the sake of argument, lets assume a password, in text, can only consist of 255 different characters.

    An image of 250×250 dimensions would give far greater ‘randomness’ — more possible pixels than characters in a text-password, thus brute-forcing isn’t as trivial as with text.

Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

Bantam - Advanced PHP Backdoor Management Tool For Post Exploitation

Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

Views: 288

Bantam is a lightweight post-exploitation utility written in C# that includes advanced payload … ...More about Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

AI-Powered Cybercrime in 2025 - The Dark Web’s New Arms Race

AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Views: 493

In 2025, the dark web isn't just a marketplace for illicit goods—it's a development lab. … ...More about AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Upload_Bypass - Bypass Upload Restrictions During Penetration Testing

Upload_Bypass – Bypass Upload Restrictions During Penetration Testing

Views: 490

Upload_Bypass is a command-line tool that automates discovering and exploiting weak file upload … ...More about Upload_Bypass – Bypass Upload Restrictions During Penetration Testing

Shell3r - Powerful Shellcode Obfuscator for Offensive Security

Shell3r – Powerful Shellcode Obfuscator for Offensive Security

Views: 690

If antivirus and EDR vendors are getting smarter, so are the tools that red teamers and penetration … ...More about Shell3r – Powerful Shellcode Obfuscator for Offensive Security

Understanding the Deep Web, Dark Web, and Darknet (2025 Guide)

Understanding the Deep Web, Dark Web, and Darknet (2025 Guide)

Views: 8,478

Introduction: How Much of the Internet Can You See? You're only scratching the surface when you … ...More about Understanding the Deep Web, Dark Web, and Darknet (2025 Guide)

DataSurgeon is an open-source Linux-based data extraction and transformation tool designed for forensic investigations and recovery scenarios.

DataSurgeon – Fast, Flexible Data Extraction and Transformation Tool for Linux

Views: 469

DataSurgeon is an open-source Linux-based data extraction and transformation tool designed for … ...More about DataSurgeon – Fast, Flexible Data Extraction and Transformation Tool for Linux

Topics

  • Advertorial (28)
  • Apple (46)
  • Countermeasures (227)
  • Cryptography (82)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (431)
  • Forensics (65)
  • GenAI (3)
  • Hacker Culture (8)
  • Hacking News (229)
  • Hacking Tools (684)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (73)
  • Malware (238)
  • Networking Hacking Tools (352)
  • Password Cracking Tools (104)
  • Phishing (41)
  • Privacy (219)
  • Secure Coding (118)
  • Security Software (233)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (169)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker – Download brutus-aet2.zip AET2 (2,291,666)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,069)
  • Top 15 Security Utilities & Download Hacking Tools (2,096,614)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,675)
  • Password List Download Best Word List – Most Common Passwords (933,462)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,130)
  • Hack Tools/Exploits (673,286)
  • Wep0ff – Wireless WEP Key Cracker Tool (530,143)

Search

Recent Posts

  • Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation May 9, 2025
  • AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race May 7, 2025
  • Upload_Bypass – Bypass Upload Restrictions During Penetration Testing May 5, 2025
  • Shell3r – Powerful Shellcode Obfuscator for Offensive Security May 2, 2025
  • Understanding the Deep Web, Dark Web, and Darknet (2025 Guide) April 30, 2025
  • DataSurgeon – Fast, Flexible Data Extraction and Transformation Tool for Linux April 28, 2025

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy