Log in

No account? Create an account

Timing-based passwords

I occasionally hear about alternatives to passwords in computer systems that grant (or continue to permit) access to devices based on the user's measured keyboard use. We all have distinct habits in typing, and perhaps in mouse use as well. It's an interesting idea, but I don't imagine it'd work very well for me:

  • I like the ability to share my account with others if-needed, perhaps for a short time, perhaps longer. This might or might not involve sharing the password. I don't want my ability to do this limited
  • I don't want it to be a big deal if my typing habits change. Maybe I'm eating pasta or drinking tea, perhaps I'm trying to get a cat to stay on (or off) my lap. Perhaps I'm even hitting some keys with an elbow to change the music if I'm holding a book. I don't want the system to decide I'm no longer me and log me out/lock the screen. Maybe I even at some point decide to learn to type homerow proper-style.
  • Some of this is pure psychology. I don't want to feel the pressure to type normally. It makes me nervous thinking that if I go outside some hard-to-quantify bounds, I won't get in or can't stay in
On the other hand, I mostly don't know my passwords cognitively anymore (or at least need to think hard to recall them); they're all muscle memory and are just some kind of finger-constructed shape. Maybe that should make me nervous too.

I'm not saying that other kinds of authentication are necessarily bad all-things-considered, but not yet having considered all things (and having less-cognitive worries tied in), I'm nervous about them.