Researchers have built a prototype authentication technique that could ultimately reduce the risk of attackers hacking users’ credentials via a keylogger or spyware.
The so-called Undercover system, which was built by Carnegie Mellon University faculty member Nicolas Christin and two CMU graduate students, approaches authentication differently: It hides the authentication challenges rather than the user’s input or password during the authentication process. The technique also can protect users from getting "shoulder-surfed" at the ATM machine while they type in their PIN, for instance, according to the researchers. "I am a bit nervous every time I withdraw money from an ATM," Christin said. "Crooks can see me type my ’secret’ PIN and very easily figure out what it is, which becomes a big problem if they also gain access to my card number." New Authentication Scheme Combats Keyloggers, Shoulder-Hacking - Desktop Security News Analysis - Dark Reading
From around the Web
- Windows Vista Service Pack 2 Latest Release Schedule
- Vista SP2: What is inside?
- NetWitness releases free version of security software
- Three Reasons Why Users Won’t Buy Into Security
- Automated security testing & its limitations
- Google Wants to Preinstall Chrome Browser on PCs
- Mozilla warns of Firefox China add on
- Firefox No Longer an Automatic Defense Against Browser Drive Bys
- Google patches Chrome file stealing bug
- Apple plays catch up, adds anti fraud safeguard to Safari
- Researchers find vulnerability in Windows Vista
- How to Use Network Behavior Analysis Tools
- The insider security threat in IT and financial services
- Windows 7 security: An overall improvement?
- Windows 7 UAC could be less of a nag