You've all seen CAPTCHAs. Those are those distorted pictures of letters and numbers you sometimes see on web forms. The idea is that it's hard for computers to identify the characters, but easy for people to do. The goal of CAPTCHAs is to authenticate that there's a person sitting in front of the computer.
KittenAuth works with images. The system shows you nine pictures of cute little animals, and the person authenticates himself by clicking on the three kittens. A computer clicking at random has only a 1 in 84 chance of guessing correctly.
Of course you could increase the security by adding more images or requiring the person to choose more images. Another worry -- which I didn't see mentioned -- is that the computer could brute-force a static database. If there are only a small fixed number of actual kittens, the computer could be told -- by a person -- that they're kittens. Then, the computer would know that whenever it sees that image it's a kitten.
Still, it's an interesting idea that warrants more research.
Posted on April 10, 2006 at 1:19 PM • 82 Comments