SlideShare a Scribd company logo

GeoPasswords Replace Conventional Passwords

P
promediakw

7th Kuwait Info Security Forum 2015

Technology
1 of 14
Download to read offline
GEOGRAPHICAL PASSWORDS by Dr. Ziyad Al-Salloum ZSS LTD, Ras Al-Khaimah, UAE
WHY WE NEEDTO REPLACE CONVENTIONAL PASSWORDS? In 2011 a famous website (LinkedIn.com) has announced the exposure of millions of its hashed passwords, it was a matter of days for these passwords to become publicly known after cyber criminals deciphered them. Fifty million passwords, in another breach, have been stolen from the famous Evernote service, leading the cooperation to issue a security notice to rush its clients to reset their – soon to be cracked – passwords.
Twitter also has been under attacks that made the encrypted passwords of around 250,000 of its users exposed to cybercriminals. Even passwords that were constructed by highly skilled cybercriminals were deciphered, such as the one used to control the Flame Botnet, where the password was: 900gage!@# which happens not to be so obvious. Moreover, a study revealed, after analyzing 32 million publicly leaked passwords from the gaming website RockYou, showed that “passwords were generally short, conform to existing language patterns and show a great deal of overlap,” unfortunately, the passwords were unencrypted.
Even some military personnel – whom are supposed to adopt more restrictive password policies – failed to use strong passwords, as revealed by Booz Allen Hamilton breach incident. In another study, by Joseph Bonneau which analyzed around 70 million anonymized yahoo passwords, finding that for an attacker guessing the passwords online (using popular guesses), passwords would only provide 10 bits of security, while only 20 bits are available if the attacker brute forced the passwords offline, providing a very weak protection.
Google has considered authentication as one of the biggest threats towards cloud computing and highlighted the need to displace conventional text passwords. Proposing an effective replacement of conventional passwords could reduce 76% of data breaches, based on an analysis of more than 47000 reported security incidents.
WHAT ISTHE ROOT CAUSE OF THE PROBLEM? Humans – in general – do not prefer to memorize characters and if they had to, they do it in the least possible effort.This human behavior – in the context of conventional passwords – leads to different vulnerabilities, including: • Using passwords that are vulnerable to dictionary attacks. • Using passwords that are short enough to be vulnerable to brute-force attacks. • Using the same password for different accounts.
• Constructing a password using obvious information, such as birthdays or addresses, making the password easy to guess. • Avoid changing the password according to a recommended time interval. • In the event of changing a password, the new password selected by the user is usually not very different from the previous one.
GEOGRAPHICAL PASSWORDS These vulnerabilities have been a main reason to many accounts compromises.To address these vulnerabilities we propose the concept of GeoGraphical passwords.We define a GeoGraphical password as: A GeoGraphical password is a password that has been constructed based on GeoGraphical information. We mean by geographical information the “knowledge acquired through processing geographically referenced data;" that is, data identified according to places on the Earth’s surface.
If users were able to select geographical locations as their access credentials then many vulnerabilities of the existing password-based authentication systems can be addressed. That is because geographical locations are: • Easy (& enjoyable) to remember and hard to forget; especially if there were feelings and memories associated with the selected places. • Diverse; there are many geographical locations where the user can select from. • Hard to predict; as users choose places based on their preference and experiences. These elements add strength to the access credential and makes it harder for adversaries to compromise.
ZSS LOGIN • ZSS Login is the world's first geographical password solution. It simply lets planet Earth log you in securely! • UK Patent # GB2509314
ZSS LOGIN DEMO
Thank you! Any questions? ZSS.NET

Recommended

The Deep Web
The Deep WebThe Deep Web
The Deep WebMelissa Pereira
 
Darknet
DarknetDarknet
DarknetBijayKumarSingh11
 
Internet safety
Internet safetyInternet safety
Internet safetyjoseluisbetico
 
Data privacy over internet
Data privacy over internetData privacy over internet
Data privacy over internetdevashishicai
 
Attacks Types
Attacks TypesAttacks Types
Attacks TypesRajuPrasad33
 
Insider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary DataInsider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary DataLindsey Landolfi
 
Deep web
Deep webDeep web
Deep webProgramar Animesh
 
The Dark Web by Kenneth Yu
The Dark Web by Kenneth YuThe Dark Web by Kenneth Yu
The Dark Web by Kenneth YuKenny Yu
 

Recommended

The Deep Web
The Deep WebThe Deep Web
The Deep WebMelissa Pereira
 
Darknet
DarknetDarknet
DarknetBijayKumarSingh11
 
Internet safety
Internet safetyInternet safety
Internet safetyjoseluisbetico
 
Data privacy over internet
Data privacy over internetData privacy over internet
Data privacy over internetdevashishicai
 
Attacks Types
Attacks TypesAttacks Types
Attacks TypesRajuPrasad33
 
Insider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary DataInsider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary DataLindsey Landolfi
 
Deep web
Deep webDeep web
Deep webProgramar Animesh
 
The Dark Web by Kenneth Yu
The Dark Web by Kenneth YuThe Dark Web by Kenneth Yu
The Dark Web by Kenneth YuKenny Yu
 
Dark web presentation
Dark web presentationDark web presentation
Dark web presentationTo Mal
 
Hackers ethics presentation
Hackers ethics presentationHackers ethics presentation
Hackers ethics presentationteriwoja
 
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the InternetA Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internetijtsrd
 
Dark web investigation
Dark web investigationDark web investigation
Dark web investigationCobinweb
 
The Deep Web
The Deep WebThe Deep Web
The Deep Webmartinp
 
The Dark Web
The Dark WebThe Dark Web
The Dark WebConnor Willer
 
Social Engineering : To Err is Human...
Social Engineering : To Err is Human...Social Engineering : To Err is Human...
Social Engineering : To Err is Human...n|u - The Open Security Community
 
rajat_ppt
rajat_pptrajat_ppt
rajat_pptRajat Guta
 
Social Engineering
Social EngineeringSocial Engineering
Social EngineeringNeelu Tripathy
 
3D password
3D password3D password
3D passwordanuradha srivastava
 
Dark web
Dark webDark web
Dark webVaishnaviSrivastava18
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewYury Chemerkin
 
Deep web
Deep webDeep web
Deep webManoj Prasad
 
3D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 13D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 1Swagato Dey
 
Hackers
HackersHackers
HackersAlvaro Cipriano
 
Hackers
HackersHackers
Hackersguesta04f59b
 
SEC 573 Project 1 2.22.15
SEC 573 Project 1 2.22.15SEC 573 Project 1 2.22.15
SEC 573 Project 1 2.22.15haney888
 
Invisible Web
Invisible Web Invisible Web
Invisible Web Muhammad Azeem Mazhar
 
3 dpswd
3 dpswd3 dpswd
3 dpswdHeena Chugh
 
Deep web and Dark web
Deep web and Dark webDeep web and Dark web
Deep web and Dark webParvez Hossain
 
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...promediakw
 
Dr. Faten Al-Attar - Green building and waste management
Dr. Faten Al-Attar - Green building and waste managementDr. Faten Al-Attar - Green building and waste management
Dr. Faten Al-Attar - Green building and waste managementpromediakw
 

More Related Content

What's hot

Dark web presentation
Dark web presentationDark web presentation
Dark web presentationTo Mal
 
Hackers ethics presentation
Hackers ethics presentationHackers ethics presentation
Hackers ethics presentationteriwoja
 
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the InternetA Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internetijtsrd
 
Dark web investigation
Dark web investigationDark web investigation
Dark web investigationCobinweb
 
The Deep Web
The Deep WebThe Deep Web
The Deep Webmartinp
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewYury Chemerkin
 
3D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 13D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 1Swagato Dey
 
SEC 573 Project 1 2.22.15
SEC 573 Project 1 2.22.15SEC 573 Project 1 2.22.15
SEC 573 Project 1 2.22.15haney888
 

What's hot (20)

Dark web presentation
Dark web presentationDark web presentation
Dark web presentation
 
Hackers ethics presentation
Hackers ethics presentationHackers ethics presentation
Hackers ethics presentation
 
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the InternetA Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internet
 
Dark web investigation
Dark web investigationDark web investigation
Dark web investigation
 
The Deep Web
The Deep WebThe Deep Web
The Deep Web
 
The Dark Web
The Dark WebThe Dark Web
The Dark Web
 
Social Engineering : To Err is Human...
Social Engineering : To Err is Human...Social Engineering : To Err is Human...
Social Engineering : To Err is Human...
 
rajat_ppt
rajat_pptrajat_ppt
rajat_ppt
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
3D password
3D password3D password
3D password
 
Dark web
Dark webDark web
Dark web
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of view
 
Deep web
Deep webDeep web
Deep web
 
3D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 13D Password M Sc BHU Sem 1
3D Password M Sc BHU Sem 1
 
Hackers
HackersHackers
Hackers
 
Hackers
HackersHackers
Hackers
 
SEC 573 Project 1 2.22.15
SEC 573 Project 1 2.22.15SEC 573 Project 1 2.22.15
SEC 573 Project 1 2.22.15
 
Invisible Web
Invisible Web Invisible Web
Invisible Web
 
3 dpswd
3 dpswd3 dpswd
3 dpswd
 
Deep web and Dark web
Deep web and Dark webDeep web and Dark web
Deep web and Dark web
 

Viewers also liked

Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...promediakw
 
Dr. Faten Al-Attar - Green building and waste management
Dr. Faten Al-Attar - Green building and waste managementDr. Faten Al-Attar - Green building and waste management
Dr. Faten Al-Attar - Green building and waste managementpromediakw
 
Traffic Access and Impact Study Guidelines & Procedures
Traffic Access and Impact Study Guidelines & ProceduresTraffic Access and Impact Study Guidelines & Procedures
Traffic Access and Impact Study Guidelines & Proceduresgscplanning
 
X pages day発表_20141118
X pages day発表_20141118X pages day発表_20141118
X pages day発表_20141118Takashi Yamori
 
Big Digs - Site Development & Underground Solutions for Mining
Big Digs - Site Development & Underground Solutions for Mining Big Digs - Site Development & Underground Solutions for Mining
Big Digs - Site Development & Underground Solutions for Mining Agata Woźniak
 
DHCP on windows server 2012
DHCP on windows server 2012DHCP on windows server 2012
DHCP on windows server 2012turkialbakry
 
Fragmented Audiences in a Diverse Media Landscape
Fragmented Audiences in a Diverse Media Landscape Fragmented Audiences in a Diverse Media Landscape
Fragmented Audiences in a Diverse Media Landscape laneford
 
каталог Aeg 12 13
каталог Aeg 12 13каталог Aeg 12 13
каталог Aeg 12 13azovinstrument
 
Preliminary school magazine Titles
Preliminary school magazine TitlesPreliminary school magazine Titles
Preliminary school magazine TitlesAmir Mohseny
 

Viewers also liked (16)

Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
 
Dr. Faten Al-Attar - Green building and waste management
Dr. Faten Al-Attar - Green building and waste managementDr. Faten Al-Attar - Green building and waste management
Dr. Faten Al-Attar - Green building and waste management
 
kolonisasyon sa asya
kolonisasyon sa asyakolonisasyon sa asya
kolonisasyon sa asya
 
Media Buy
Media BuyMedia Buy
Media Buy
 
Traffic Access and Impact Study Guidelines & Procedures
Traffic Access and Impact Study Guidelines & ProceduresTraffic Access and Impact Study Guidelines & Procedures
Traffic Access and Impact Study Guidelines & Procedures
 
X pages day発表_20141118
X pages day発表_20141118X pages day発表_20141118
X pages day発表_20141118
 
Cash for gold company canada
Cash for gold company canadaCash for gold company canada
Cash for gold company canada
 
Q 6
Q 6 Q 6
Q 6
 
Delivery kpi
Delivery kpiDelivery kpi
Delivery kpi
 
Big Digs - Site Development & Underground Solutions for Mining
Big Digs - Site Development & Underground Solutions for Mining Big Digs - Site Development & Underground Solutions for Mining
Big Digs - Site Development & Underground Solutions for Mining
 
DHCP on windows server 2012
DHCP on windows server 2012DHCP on windows server 2012
DHCP on windows server 2012
 
Lr1 1 n
Lr1 1 nLr1 1 n
Lr1 1 n
 
Fragmented Audiences in a Diverse Media Landscape
Fragmented Audiences in a Diverse Media Landscape Fragmented Audiences in a Diverse Media Landscape
Fragmented Audiences in a Diverse Media Landscape
 
каталог Aeg 12 13
каталог Aeg 12 13каталог Aeg 12 13
каталог Aeg 12 13
 
Lr1 3 n
Lr1 3 nLr1 3 n
Lr1 3 n
 
Preliminary school magazine Titles
Preliminary school magazine TitlesPreliminary school magazine Titles
Preliminary school magazine Titles
 

Similar to GeoPasswords Replace Conventional Passwords

So whats in a password
So whats in a passwordSo whats in a password
So whats in a passwordRob Gillen
 
Volume 1 number-2pp-216-222
Volume 1 number-2pp-216-222Volume 1 number-2pp-216-222
Volume 1 number-2pp-216-222Kailas Patil
 
Can blockchain replace your password and make it more secure
Can blockchain replace your password and make it more secureCan blockchain replace your password and make it more secure
Can blockchain replace your password and make it more secureBlockchain Council
 
Social and Mobile and Cloud OH MY!
Social and Mobile and Cloud OH MY!Social and Mobile and Cloud OH MY!
Social and Mobile and Cloud OH MY!InnoTech
 
Enterprise Password Worst Practices
Enterprise Password Worst PracticesEnterprise Password Worst Practices
Enterprise Password Worst PracticesImperva
 
Securing Database Passwords Using a Combination of hashing and Salting Techni...
Securing Database Passwords Using a Combination of hashing and Salting Techni...Securing Database Passwords Using a Combination of hashing and Salting Techni...
Securing Database Passwords Using a Combination of hashing and Salting Techni...Fego Ogwara
 
Password Cracking using dictionary attacks
Password Cracking using dictionary attacksPassword Cracking using dictionary attacks
Password Cracking using dictionary attackslord
 
M-Pass: Web Authentication Protocol
M-Pass: Web Authentication ProtocolM-Pass: Web Authentication Protocol
M-Pass: Web Authentication ProtocolIJERD Editor
 
Improving Password Based Security
Improving Password Based SecurityImproving Password Based Security
Improving Password Based SecurityRare Input
 
An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication IJMER
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewSTO STRATEGY
 
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...Selman Bozkır
 
Sept 2014 cloud security presentation
Sept 2014 cloud security presentationSept 2014 cloud security presentation
Sept 2014 cloud security presentationJoan Dembowski
 
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...ADEIJ Journal
 
Making Software Secure by Design
Making Software Secure by DesignMaking Software Secure by Design
Making Software Secure by DesignOmegapoint Academy
 
Better to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and SecurityBetter to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and SecurityEric Kavanagh
 
Quality of Life, Multiple Lines of Defense
Quality of Life, Multiple Lines of DefenseQuality of Life, Multiple Lines of Defense
Quality of Life, Multiple Lines of DefenseMichal Špaček
 
A Novel Revolutionary highly secured Object authentication schema
A Novel Revolutionary highly secured Object authentication schemaA Novel Revolutionary highly secured Object authentication schema
A Novel Revolutionary highly secured Object authentication schemaIOSR Journals
 
IRJET- Honeywords: A New Approach for Enhancing Security
IRJET- Honeywords: A New Approach for Enhancing SecurityIRJET- Honeywords: A New Approach for Enhancing Security
IRJET- Honeywords: A New Approach for Enhancing SecurityIRJET Journal
 

Similar to GeoPasswords Replace Conventional Passwords (20)

OlgerHoxha_Thesis_Final
OlgerHoxha_Thesis_FinalOlgerHoxha_Thesis_Final
OlgerHoxha_Thesis_Final
 
So whats in a password
So whats in a passwordSo whats in a password
So whats in a password
 
Volume 1 number-2pp-216-222
Volume 1 number-2pp-216-222Volume 1 number-2pp-216-222
Volume 1 number-2pp-216-222
 
Can blockchain replace your password and make it more secure
Can blockchain replace your password and make it more secureCan blockchain replace your password and make it more secure
Can blockchain replace your password and make it more secure
 
Social and Mobile and Cloud OH MY!
Social and Mobile and Cloud OH MY!Social and Mobile and Cloud OH MY!
Social and Mobile and Cloud OH MY!
 
Enterprise Password Worst Practices
Enterprise Password Worst PracticesEnterprise Password Worst Practices
Enterprise Password Worst Practices
 
Securing Database Passwords Using a Combination of hashing and Salting Techni...
Securing Database Passwords Using a Combination of hashing and Salting Techni...Securing Database Passwords Using a Combination of hashing and Salting Techni...
Securing Database Passwords Using a Combination of hashing and Salting Techni...
 
Password Cracking using dictionary attacks
Password Cracking using dictionary attacksPassword Cracking using dictionary attacks
Password Cracking using dictionary attacks
 
M-Pass: Web Authentication Protocol
M-Pass: Web Authentication ProtocolM-Pass: Web Authentication Protocol
M-Pass: Web Authentication Protocol
 
Improving Password Based Security
Improving Password Based SecurityImproving Password Based Security
Improving Password Based Security
 
An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication An Enhanced Security System for Web Authentication
An Enhanced Security System for Web Authentication
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of view
 
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
 
Sept 2014 cloud security presentation
Sept 2014 cloud security presentationSept 2014 cloud security presentation
Sept 2014 cloud security presentation
 
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
 
Making Software Secure by Design
Making Software Secure by DesignMaking Software Secure by Design
Making Software Secure by Design
 
Better to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and SecurityBetter to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and Security
 
Quality of Life, Multiple Lines of Defense
Quality of Life, Multiple Lines of DefenseQuality of Life, Multiple Lines of Defense
Quality of Life, Multiple Lines of Defense
 
A Novel Revolutionary highly secured Object authentication schema
A Novel Revolutionary highly secured Object authentication schemaA Novel Revolutionary highly secured Object authentication schema
A Novel Revolutionary highly secured Object authentication schema
 
IRJET- Honeywords: A New Approach for Enhancing Security
IRJET- Honeywords: A New Approach for Enhancing SecurityIRJET- Honeywords: A New Approach for Enhancing Security
IRJET- Honeywords: A New Approach for Enhancing Security
 

More from promediakw

ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمانورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمانpromediakw
 
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق promediakw
 
إنجح في التوظيف ميلاد حدشيتي
إنجح في التوظيف ميلاد حدشيتيإنجح في التوظيف ميلاد حدشيتي
إنجح في التوظيف ميلاد حدشيتيpromediakw
 
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي promediakw
 
2د. محمد كمال
2د. محمد كمال 2د. محمد كمال
2د. محمد كمال promediakw
 
د. محمد كمال
د. محمد كمال د. محمد كمال
د. محمد كمال promediakw
 
وليد حمود ورقة الأمانة العامة
وليد حمود ورقة الأمانة العامة وليد حمود ورقة الأمانة العامة
وليد حمود ورقة الأمانة العامةpromediakw
 
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروةpromediakw
 
أمل الرشدان -التحسين المستمر بروميديا
أمل الرشدان -التحسين المستمر بروميديا أمل الرشدان -التحسين المستمر بروميديا
أمل الرشدان -التحسين المستمر بروميدياpromediakw
 
بناء الثقافة الوظيفية - محمد كمال
بناء الثقافة الوظيفية - محمد كمال بناء الثقافة الوظيفية - محمد كمال
بناء الثقافة الوظيفية - محمد كمال promediakw
 
مؤتمر النفايات
مؤتمر النفاياتمؤتمر النفايات
مؤتمر النفاياتpromediakw
 
Eng. ch. rama krushna chary drilling waste management
Eng. ch. rama krushna chary drilling waste managementEng. ch. rama krushna chary drilling waste management
Eng. ch. rama krushna chary drilling waste managementpromediakw
 
Dr shirish naik - Decentralized wastewater treatment systems
Dr shirish naik - Decentralized wastewater treatment systemsDr shirish naik - Decentralized wastewater treatment systems
Dr shirish naik - Decentralized wastewater treatment systemspromediakw
 
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...promediakw
 
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...promediakw
 
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...promediakw
 
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1promediakw
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...promediakw
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...promediakw
 
Mr. Naveed Ahmed - Security threats & gaps in kuwait
Mr. Naveed Ahmed - Security threats & gaps in kuwaitMr. Naveed Ahmed - Security threats & gaps in kuwait
Mr. Naveed Ahmed - Security threats & gaps in kuwaitpromediakw
 

More from promediakw (20)

ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمانورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
 
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
 
إنجح في التوظيف ميلاد حدشيتي
إنجح في التوظيف ميلاد حدشيتيإنجح في التوظيف ميلاد حدشيتي
إنجح في التوظيف ميلاد حدشيتي
 
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
 
2د. محمد كمال
2د. محمد كمال 2د. محمد كمال
2د. محمد كمال
 
د. محمد كمال
د. محمد كمال د. محمد كمال
د. محمد كمال
 
وليد حمود ورقة الأمانة العامة
وليد حمود ورقة الأمانة العامة وليد حمود ورقة الأمانة العامة
وليد حمود ورقة الأمانة العامة
 
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
 
أمل الرشدان -التحسين المستمر بروميديا
أمل الرشدان -التحسين المستمر بروميديا أمل الرشدان -التحسين المستمر بروميديا
أمل الرشدان -التحسين المستمر بروميديا
 
بناء الثقافة الوظيفية - محمد كمال
بناء الثقافة الوظيفية - محمد كمال بناء الثقافة الوظيفية - محمد كمال
بناء الثقافة الوظيفية - محمد كمال
 
مؤتمر النفايات
مؤتمر النفاياتمؤتمر النفايات
مؤتمر النفايات
 
Eng. ch. rama krushna chary drilling waste management
Eng. ch. rama krushna chary drilling waste managementEng. ch. rama krushna chary drilling waste management
Eng. ch. rama krushna chary drilling waste management
 
Dr shirish naik - Decentralized wastewater treatment systems
Dr shirish naik - Decentralized wastewater treatment systemsDr shirish naik - Decentralized wastewater treatment systems
Dr shirish naik - Decentralized wastewater treatment systems
 
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
 
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
 
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
 
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
 
Mr. Naveed Ahmed - Security threats & gaps in kuwait
Mr. Naveed Ahmed - Security threats & gaps in kuwaitMr. Naveed Ahmed - Security threats & gaps in kuwait
Mr. Naveed Ahmed - Security threats & gaps in kuwait
 

Recently uploaded

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 

Recently uploaded (20)

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 

GeoPasswords Replace Conventional Passwords

  • 1. GEOGRAPHICAL PASSWORDS by Dr. Ziyad Al-Salloum ZSS LTD, Ras Al-Khaimah, UAE
  • 2. WHY WE NEEDTO REPLACE CONVENTIONAL PASSWORDS? In 2011 a famous website (LinkedIn.com) has announced the exposure of millions of its hashed passwords, it was a matter of days for these passwords to become publicly known after cyber criminals deciphered them. Fifty million passwords, in another breach, have been stolen from the famous Evernote service, leading the cooperation to issue a security notice to rush its clients to reset their – soon to be cracked – passwords.
  • 3. Twitter also has been under attacks that made the encrypted passwords of around 250,000 of its users exposed to cybercriminals. Even passwords that were constructed by highly skilled cybercriminals were deciphered, such as the one used to control the Flame Botnet, where the password was: 900gage!@# which happens not to be so obvious. Moreover, a study revealed, after analyzing 32 million publicly leaked passwords from the gaming website RockYou, showed that “passwords were generally short, conform to existing language patterns and show a great deal of overlap,” unfortunately, the passwords were unencrypted.
  • 4. Even some military personnel – whom are supposed to adopt more restrictive password policies – failed to use strong passwords, as revealed by Booz Allen Hamilton breach incident. In another study, by Joseph Bonneau which analyzed around 70 million anonymized yahoo passwords, finding that for an attacker guessing the passwords online (using popular guesses), passwords would only provide 10 bits of security, while only 20 bits are available if the attacker brute forced the passwords offline, providing a very weak protection.
  • 5. Google has considered authentication as one of the biggest threats towards cloud computing and highlighted the need to displace conventional text passwords. Proposing an effective replacement of conventional passwords could reduce 76% of data breaches, based on an analysis of more than 47000 reported security incidents.
  • 6. WHAT ISTHE ROOT CAUSE OF THE PROBLEM? Humans – in general – do not prefer to memorize characters and if they had to, they do it in the least possible effort.This human behavior – in the context of conventional passwords – leads to different vulnerabilities, including: • Using passwords that are vulnerable to dictionary attacks. • Using passwords that are short enough to be vulnerable to brute-force attacks. • Using the same password for different accounts.
  • 7. • Constructing a password using obvious information, such as birthdays or addresses, making the password easy to guess. • Avoid changing the password according to a recommended time interval. • In the event of changing a password, the new password selected by the user is usually not very different from the previous one.
  • 8. GEOGRAPHICAL PASSWORDS These vulnerabilities have been a main reason to many accounts compromises.To address these vulnerabilities we propose the concept of GeoGraphical passwords.We define a GeoGraphical password as: A GeoGraphical password is a password that has been constructed based on GeoGraphical information. We mean by geographical information the “knowledge acquired through processing geographically referenced data;" that is, data identified according to places on the Earth’s surface.
  • 9. If users were able to select geographical locations as their access credentials then many vulnerabilities of the existing password-based authentication systems can be addressed. That is because geographical locations are: • Easy (& enjoyable) to remember and hard to forget; especially if there were feelings and memories associated with the selected places. • Diverse; there are many geographical locations where the user can select from. • Hard to predict; as users choose places based on their preference and experiences. These elements add strength to the access credential and makes it harder for adversaries to compromise.
  • 10.
  • 11. ZSS LOGIN • ZSS Login is the world's first geographical password solution. It simply lets planet Earth log you in securely! • UK Patent # GB2509314
  • 13.