We are evaluating a new model of password security in which users place pieces on a game board (e.g., chess pieces on a chessboard). The fact that existing systems are either memorable or secure, but not both, motivated our approach. We are testing 14-15 year old high school students, college students 18-30, and older adults 60-80, and we are conducting two types of experiments. First, we are measuring all groups' memories for passwords of two and four game pieces (after a 20-minute filled delay). Second, we are testing college students' memories for five different passwords over a 12-week period in which the game changes after week 10. The results are expected to reveal a dramatically better authentication method compared to existing systems. More specifically, participants are expected to create unique passwords that they can remember. Furthermore, performance is expected to decline during the first 10 weeks, as their passwords begin to interfere with one another, and increase dramatically during the final two weeks, once the game changes and they are able to use a new type of memory. We will present the results at social science and computer security conferences, and submit for publication to sociology, psychology, and security journals. Our approach offers a radical breakthrough that is mathematically secure and easy to remember. The model is applicable to a wide range of electronic platforms, including smartphones, computers, ATMs, and other high-risk electronic gateways. Consequently, the potential to benefit society with more secure systems should have an enormous impact.
