Browser history key to unlock lost passwords


Using the principle that we mere humans tend to remember visual cues such as simple images better than complex things like our own internet banking passwords, computer scientists have devised a way to securely verify our online identities.

The proposed system, created at Indiana University, uses cached snapshots of the websites a user has visited over the last few days or weeks to check if anyone seeking identity verification

really is who they say they are

[PDF link].

Who are you?

It throws in a few red herrings and it’s whether or not the user spots these on which verification rests. Get it wrong and, so the theory goes, A.N. Other is probably not getting into that fat bank account he’s been eyeing up.

Privacy concerns are addressed by keeping the surfing record on a secure server, but it certainly seems a whole lot simpler to apply a little discipline and just remember your password in the first place.