I'm Bob Karson with the discovery files--new advances in science and engineering from the National Science Foundation.
You know those strange-looking scrambled security words that appear on some sites to distinguish between you, a human, and an automated computer attack? That technology is called 'CAPCHA' developed by computer scientists at Carnegie Mellon University. Now, from the same team comes another system that provides an extra measure of security for sensitive information such as bank accounts and medical records, especially when lists of passwords have been stolen from websites. This one's called, 'gotcha'--generating pan optic turing tests to tell computers and humans apart.
The gotcha system works with what appear to be inkblot pictures. When you go to register a password, several inkblot "puzzles" come up. You make up a short description of what each image looks like: Things like "happy guy licking a lollipop" or "lady in poofy dress." Those descriptions are stored with your password, so you don't have to remember them when you sign in. All you need do is match the descriptions with the right inkblots--a feat an invading rogue automated computer cannot do on its own. When a computer constantly needs humans to help solve puzzles, it can no longer execute automated brute force attacks that try millions of combinations every second.
The developers have posted a challenge online inviting other security researchers to try and crack their system.
Some smart inking.
"The discovery files" covers projects funded by the government's National Science Foundation. Federally sponsored research--brought to you, by you! Learn more at nsf.gov or on our podcast.