This sounds like a good idea. From a news article:
The technology, which measures the time for which keys are held down, as well as the length between strokes, takes advantage of the fact that most computer users evolve a method of typing which is both consistent and idiosyncratic especially for words used frequently such as a user name and password.
When registering, the user types his or her details nine times so that the software can generate a profile. Future login attempts are measured against the profile which, the company claims, can recognise the same user’s keystrokes with 99 per cent accuracy, using what is known as a “behavioural biometric.”
I wouldn’t want to automatically block users unless they get this right, and the false-positive/false-negative ratio would have to be jiggered properly, but if they can get it working right, it’s an extra layer of authentication for “free.”
Another news article. Slashdot thread.
Leave a comment