Faces Are the New Secure Passwords

Future Tense
The Citizen's Guide to the Future
June 24 2014 6:45 AM

Faces Are the New Passwords

facelock3

Shutterstock/Getty

This article originally appeared at Science of Us.

One of the nine faces above is familiar to me, but the rest aren't. Can you pick it out? The answer is at the bottom of this post, and I don't like your odds. This grid is a "facelock," an alternative to the password system most websites use, and a study soon to be published in PeerJ suggests that facelocks are a promising method of ensuring online security.

Advertisement

No one likes passwords, after all—they're tricky to remember and require frequent re-dos for security purposes. Facelocks, explain the study authors, could provide a viable alternative by capitalizing on a major strength of humans: We're great at recognizing faces, and particularly at distinguishing familiar from unfamiliar ones.

The study, conducted by researchers at the Universities of York and Glasgow, tested the feasibility of a facelock that blocks access to a given program or device until the user can recognize several familiar faces in a sea of unfamiliar ones. Users selected faces familiar to them, and then both they and hypothetical "attackers" were asked to try to get into their accounts by successfully selecting the right face out of a grid of nine four times in a row.

What's key here is that an effective facelock doesn't ask you to pluck out Kanye West from a bunch of random stock photos — rather, the strength of this sort of system relies on users selecting photos they can easily recognize, but few others can. So it was recommended to the study participants that they choose their favorite "Z-List" celebrities, like famous cellists or skiers (sorry, professional cellists and skiers). Friends and family members wouldn't be a good idea on the off chance one of them tried to crack your e-mail.

This was more of a proof of concept than a massive study of a near-finished product, but still, the study showed that a system like this could potentially work well. On the usability side, 97.5 percent of users could get into their hypothetical account a week after selecting faces for a facelock system, and a full year later that number had only dropped to 86 percent (think of what your success rate would be for a password you didn't use for a year). As for security, neither strangers (0.9 percent) nor close friends and family members of the person who chose the photos (6.6 percent) had much luck cracking facelocks, and those numbers dropped even further when it came to succeeding on the first attempt.

As for the above, the handsome gent in the middle of the right column is legendary-to-Patriots-fans wide receiver Troy Brown. Maybe he's a bit too famous for use as a facelock face, but given all the exciting moments he provided me and other New Englanders over the years, I'd trust him with my data any day.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Jesse Singal is a senior editor at NYMag.com, where he edits the social-science blog Science of Us. Follow him on Twitter at @jessesingal.  

TODAY IN SLATE

Technocracy

Forget Oculus Rift

This $25 cardboard box turns your phone into an incredibly fun virtual reality experience.

Stop Panicking. America Is Now in Very Good Shape to Respond to the Ebola Crisis.

The 2014 Kansas City Royals Show the Value of Building a Mediocre Baseball Team

The GOP Won’t Win Any Black Votes With Its New “Willie Horton” Ad

Sleater-Kinney Was Once America’s Best Rock Band

Can it be again?

Politics

Smash and Grab

Will competitive Senate contests in Kansas and South Dakota lead to more late-breaking races in future elections?

I Am 25. I Don’t Work at Facebook. My Doctors Want Me to Freeze My Eggs.

These Companies in Japan Are More Than 1,000 Years Old

  News & Politics
The World
Oct. 21 2014 11:40 AM The U.S. Has Spent $7 Billion Fighting the War on Drugs in Afghanistan. It Hasn’t Worked. 
  Business
Business Insider
Oct. 21 2014 11:27 AM There Is Now a Real-life Hoverboard You Can Preorder for $10,000
  Life
Quora
Oct. 21 2014 11:37 AM What Was It Like to Work at the Original Napster?
  Double X
The XX Factor
Oct. 20 2014 6:17 PM I Am 25. I Don't Work at Facebook. My Doctors Want Me to Freeze My Eggs.
  Slate Plus
Tv Club
Oct. 20 2014 7:15 AM The Slate Doctor Who Podcast: Episode 9 A spoiler-filled discussion of "Flatline."
  Arts
Brow Beat
Oct. 21 2014 11:34 AM Germans Really Are More Punctual. Just Ask Angela Merkel.
  Technology
Technology
Oct. 21 2014 10:43 AM Social Networking Didn’t Start at Harvard It really began at a girls’ reform school.
  Health & Science
Climate Desk
Oct. 21 2014 11:53 AM Taking Research for Granted Texas Republican Lamar Smith continues his crusade against independence in science.
  Sports
Sports Nut
Oct. 20 2014 5:09 PM Keepaway, on Three. Ready—Break! On his record-breaking touchdown pass, Peyton Manning couldn’t even leave the celebration to chance.