The Weakest Link in Internet Security: Human Memory?
- Y. Shapiro, IPRI
Ever since the so-called Cognitive Revolution replaced behaviorism with
Cognitive Science in psychology, Human Memory and the Human Mind have been
modeled on the computer. But now, the Internet Security Problem brings
forth what computer scientists call "the human limitation with precise
recall", namely the inability to remember and recall with precision the
variety of random eight-character combinations the internet user needs
to keep his/her different accounts and corporate networks safe. Yet, even
though it contradicts everything we have learned about human memory in
everyday life, such an ability has been postulated by all Cognitive Science
models of human memory and, supposedly, proven by laboratory experiments
on nonsense syllables and such. Now, real people strike back and the computer
scientist is rediscovering "the human limitation with precise recall".
Limitation? Insofar as HUMAN minds are concerned, their strong preference
for creating, remembering, and manipulating MEANINGFUL symbols is their
greatest strength and the engine of their creative endeavors: science,
arts, literature, music, etc. Curiously enough, it is that strength of
human minds that now clashes with and threatens Internet Security:
Internet users pick meaningful words as their passwords. Breaking
a RANDOM eight-character password would take more than 13 years on average
even for the password-cracking programs that can test nearly 8 million
combinations every second on the latest Pentium 4 processor. But the majority
of passwords are not made of random characters. Rather, they are meaningful
words that can be easily remembered. Sometimes, they have a few numerical
extensions, which do not complicate the hacker's life to any significant
extent.
Hackers can crack most commonly used passwords in less than a minute.
And once they discover passwords on one server, they frequently have a
way into other servers. Having stolen the digital keys to a large fraction
of the accounts on the network, an intruder can wander about while preserving
the appearance of a legitimate user. This is why the password security
threat is a real problem.
"Passwords are one of the biggest security problems that corporate America
has," said Chris Pick, associate vice president for product strategy at
PentaSafe Security Technologies. And an interesting problem it is, for
both the Psychology of Human Memory and Internet Security Systems.
See the CNET Security Report by Robert Lemos, entitled "Passwords:
The weakest link".
To discuss this note or send your own ideas and opinions on the topics
related to Internet Psychology and Internet Psychology Research, please
write ideas@ipri.org or use our discussion boards.