Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
G
G
GCoda2015-12-02 08:40:20
Mathematics
GCoda, 2015-12-02 08:40:20

Is it possible to implement two-factor authentication in the head?

An idea came up, and I immediately thought that I wasn’t the only one who thought about it, but I couldn’t find a ready-made solution, it’s either not necessary or not possible.
The essence of the idea is to use as a second "factor" simple manipulations in the mind. But I have never seen a fairly simple algorithm.
So far I have not come up with anything better than addition as a hash in my mind:
The server and the user know the numeric pincode
After entering the password, the server asks to add three random digits from the pincode and compares with its own result.
The pincode is not transmitted and does not leave the user's head.
If you implement such a simple system, then you need to at least calculate the required number of authorizations before the pincode can be completely restored. (how many attempts it takes to pick it up)
I have a feeling that someone has already done something like this, or it simply does not make sense, since it will be possible to sort through all the options while a person adds up 1 + 2 + 3 for the first entry ...

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
M
Mercury13, 2015-12-02
@GCoda

It doesn't make sense for two reasons.
1. Easy to open.
2. Even if you do not know the PIN, the probability of selection is too high.
The second is due to the fact that we have numbers from 0 to 9 - which means that the sum of three will be in the range from 0 to 27. What about the first? If we have N digits, the code is restored in N linearly independent linear combinations. For example, we don't know c and d, but the combinations 2a+b, a+2b and a+b are linearly dependent, and if any two combinations are revealed, the third one will also be revealed. To do this, we need to solve the system of linear algebraic equations:
{ 2a ​​+ b = 10
{ a + 2b = 11
Hence a = 3, b = 4, and a + b = 7.

Report
O
Ocelot, 2015-12-02
@Ocelot

The idea of ​​"proving knowledge of the password without revealing the password itself" is poorly implemented on human brains. A person cannot quickly carry out complex (crypto-resistant) calculations in his mind. And everything that is easy to count in the mind, either easily allows you to calculate the password, or makes it more likely to pass the test by accident, without knowing the password.
At one time there was such an interesting implementation, but it needs a lot of "request-response" series.

Similar questions
V
Volgarastraport2018-03-12 09:23:26
[C#] How to work with MeasureString in a loop? 2Reply
K
KiTiger2015-11-04 12:50:13
What mathematical disciplines are needed, or will be a big plus in programming? 5Reply
D
Denis Ogurtsov2012-01-12 23:47:08
Exponential distribution law algorithm? 3Reply
N
Nikolay Pavlov2015-11-07 13:56:37
How to calculate a definite integral in the form of a sum limit? 0Reply
E
eternalSt2018-03-18 23:18:05
Materials on mathematics ala Feynman lectures? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question