TechTaffy

tech:

taffy

Carnegie Mellon Researchers Use Inkblots For Password Security

By TechTaffy Desk

ink_blot_carnegie_mellon

Carnegie Mellon University computer scientists have developed a password system that incorporates inkblots in the password security process.

The new type of password, dubbed a GOTCHA (Generating panOptic Turing Tests to Tell Computers and Humans Apart), would be suitable for protecting high-value accounts, such as bank accounts, medical records and other sensitive information, say the researchers.

To create a GOTCHA, a user chooses a password and a computer then generates several random, multi-colored inkblots. The user describes each inkblot with a text phrase. These phrases are then stored in a random order along with the password. When the user returns to the site and signs in with the password, the inkblots are displayed again along with the list of descriptive phrases; the user then matches each phrase with the appropriate inkblot.

The research was supported by the National Science Foundation and the Air Force Office of Scientific Research.

[Image courtesy: Carnegie Mellon]

Just in

Seed

Oso Semiconductor raises $5.2M

Oso Semiconductor has raised $5.2 million in seed funding. The round was led by Engine Ventures.
People

Battelle appoints Tim Ryan to board of directors

Battelle has elected Tim Ryan, Citi’s Head of Technology and Business Enablement, to its board of directors.
Around the web

OpenAI launches ChatGPT Gov for U.S. government agencies — CNBC

It’s called ChatGPT Gov and was built specifically for U.S. government use; writes Hayden Field. 
Around the web

DeepSeek’s popular AI app is explicitly sending US data to China — Wired

Users have already reported several examples of DeepSeek censoring content that is critical of China or its policies, writes Matt Burgess and Lily Hay Newman. 
Around the web

DeepSeek hit with large-scale cyberattack, says it’s limiting registrations — CNBC

DeepSeek on Monday said it would temporarily limit user registrations “due to large-scale malicious attacks” on its services; writes Hayden Field.