PASSWORDS INTRODUCTION As per the dictionary the definition of password is a string of characters that allows access to a computer, interface,

or system. This definition may create an impression upon the reader that a password was invented only for computers and other such electronic uses. But if we trace back in history we come to know that passwords were used even before the computer were invented. Experts say that the ancient Egyptians used passwords to encrypt the tombs and there valuable artefacts. The ancient Egyptian period started around 3000BC. So from this one can imagine that the idea of passwords originated long back even before the birth of Christ. So the general definition of passwords become as A secret word or phrase that must be used to gain admission to something. Later the idea of computers started emerging in 1936 and later development of internet begun from about 1950s. As the internet began to develop the scientist started foreseeing that with internet the privacy of the users can be easily destroyed and can be made misuse of. So after lot of thinking the first computer password was developed in 1961 at the Massachusetts Institute of Technology. TYPES OF PASSWORDS If we limit our self only to computers and laptops then different types of passwords are:

POWER ON PASSWORD When the Power-on password has been set, a prompt will appear during the system start up, and the Power-on password must be entered before an operating system can be booted. HARD DRIVE PASSWORD There are two modes for the hard drive password: user only and master + user. For the master + user option there will be two passwords, one that will be set by the computers admin and other that will be set by the user. In this if the user wants to have an access to the computer then it is compulsory that the admin first enters his password. So on start up 2 passwords will have to be entered one by the admin and other by the user. On the other hand in the user only mode there will be prompt for only one password. In this either the admin password or the user password can be entered to gain access to the computer. SUPERVISOR PASSWORD (BIOS PASSWORD) A supervisor password is used to protect the systems information stored in the bios. Normally the information stored in the BIOS is the system settings, boot settings, clock settings, installed memory, etc. If supervisor password is kept on then to access or change these settings we have to enter a password. OPERATING SYSTEM PASSWORD

This is the most common type of password. After the computer has finished loading the operating system then for the user to access this operating system i.e. the different application installed on the hard drive the user has to enter this login password.

In all the above types the common thing was that we have to enter the password i.e. there will be a text field in which we have to type our password. However due to all the hacking stuff textual passwords are not very secure. For simple home users there is no need for them to choose a difficult password however for bigger applications like national security, banks, space stations, or places where databases of millions of people are to be kept secret it becomes highly important to provide top security to the computers or the servers used in these places. So along with the textual password other method was developed as a password in these places, which was biometric verification. Biometric verification includes: Fingerprint scanner Iris pattern authentication Retina pattern authentication Voice recognition Facial recognition Hand geometry Earlobe geometry Signature comparison These methods are highly secure however each has its own disadvantage for e.g. in voice recognition it is highly important that there should be no external noises. The latest innovation in passwords is the 3D PASSWORDS 3D PASSWORDS In our computer as stated above we enter a textual password that is decided by us. The common tendency of a human is to choose a password that would be easy for him/her to remember like meaningful words from dictionary or their pet names, girlfriends etc. However if the password chosen is easy then it becomes easy for the hackers to crack the password which compromises the information that the user wants to secure. So to avoid the hackers from guessing the password easily the user may choose a tough password. But remembering it would be difficult and so the person may make a note of it either in written of electronic form, which again compromises his security since he is bound to forget the password more easily or the written password may fall into wrong hands. . Users have difficulty remembering a password that is long and random appearing. So, they create short, simple, and insecure passwords that are susceptible to attack. Which make textual passwords easy to break and vulnerable to dictionary or brute force attacks.

So it is necessary that the password is easier to remember but hard to guess so in this case 3d passwords come into picture. 3d password is actually a software in which there is a 3dimensional environment rather than a simple text box. In a simple textual password you enter a text but in 3d password you interact with variety of objects that are present in that environment. The sequence of interaction with the objects is your password and if you interact in a particular sequence with the objects then only you can gain access to whatever is secured by the software. To understand it clearly consider a virtual room for your 3d password is a classroom. In a classroom the things that would be present are

So the environment of your 3d password is a classroom and the above listed are the objects in that environment (classroom). The environment is developed such that you can get the full view of the classroom and can move around using your arrow keys and the mouse. Now suppose the admin has set the password in following way

First the user has to click on the blackboard then he will be shown this board in the screen of his monitor.

On this he has to draw a pattern which looks like this

Then user has to click on the geographical map. As he clicks on the map he will be shown the following map on the screen.

On this the user has to click on the place decided by the admin say Australia

And finally user has to select the bookcase. He will be shown a bookshelf like this

The user has to select 5th book from the left on the 3rd shelf.

So only when the user follows this sequence of interaction he will be granted access. If the user fails to follow this sequence or these steps he will be denied the access. It is not necessary that the environment is a classroom only. It can be anything and also the objects and the way they interact can be different completely ADVANTAGES 1 .The user can decide his own authentication schemes. If he's comfortable with Recall and Recognition methods then he can choose the 3d authentication just used. 2. The authentication can be improved since the unauthorised persons will not interact with the same object as a legitimate user would. We can also include a timer. Higher the security higher the timer. Say after 20 seconds a weak password will be thrown out. 3. The 3D environment can change according to users request. 4. It would be difficult to crack using regular techniques. Since all the algorithms follow steps to authenticate, our project has no fixed number of steps. Hence to calculate all those possibilities and decipher them is not easy. 5. Added with biometrics and card verification, the scheme becomes almost unbreakable. APPLICATIONS

The 3d password can have a password space that is very large compares to other authentication schemes, so the 3D passwords main application domains are protecting critical systems and resources like: Critical servers Nuclear reactors and military facilities Airplanes and missile guiding

Also it can be used in less critical applications like Atm Personal digital assistance Desktop computers and laptops Web authentication Thus with 3d password the authentication can increase and more security can be provided. If combined with biometrics the system becomes almost unbreakable.

STEPS FOR CHOOSING A SECURE PASSWORD

Use length to your advantage. :E.g. Superfantabulous Form a "random" sequence of words and/or letters :E.g. slenderman Add numbers to the password to make it more secure. E.g. slenderman9090 Use punctuation and symbols to "complicate"
E.g. slenderman$9090

it

further.

Create complexity with upper and lowercase letters. E.g. sLeNdErMaN$2000 Generate similar but altered passwords E.g. slender$2000man Don't use obvious base-words like a name, birthday or date, these are easier to crack than whole phrases. For even more security, try to use "nonsense words." Combine these with numbers to make memorable, secure passwords. For example, "brickbeak9468." Change your passwords periodically. If you have trouble remembering all the passwords you need, try using a password manager, they can store all your passwords securely using a single master password.

--by SID