When, why and how Expanded Password System was developed
Hitoshi Kokumai
Advocate of Identity Assurance by Citizens' Volition and Memory. Founder and Chief Architect at Mnemonic Identity Solutions Limited
Here is what we wish to emphasize as to the development of Expanded Password System invented in the first quarter of 2000 to mitigate the password predicament.
?Main Theme: Identity Assurance by Citizens' Volition and Memory
- Problem: Password Predicament
- Solution: Non-Text Secret Credential
- Theory: Science of Human Memory
Secret credentials are indispensable for identity assurance, whereas text-only passwords are hard to manage.
Why not consider Non-Text secret credentials? Why not making use of citizens' episodic image memory?
?What it does
?Our identity authentication solution named Expanded Password System enables citizens to make use of their non-volatile episodic image memory made from their personal experiences.
Reference
Fend Off Cyberattack with Episodic Memory?(Slide 24Feb2023)
?
?How we built it
The system is built to enable the user to register a set of any numbers of images of their choice either by permutation or combination as credentials and embed them onto a matrix of images made of meaningless decoy images
?Incidentally, our solution demonstrated to work with Open ID without friction in 2008.
?Challenges we ran into
?However solid the theory is, the solution would be vulnerable to attacks when it is poorly implemented. A key was the appropriate use of a hash module of SHA family.
?It was also a challenge to get technology people to listen to us about the merit of making use of our own autobiographic/episodic memory. These people are generally not familiar with such psychological concepts.
领英推荐
?Accomplishments that we're proud of
?Adoption by demanding clients such as Japan's Ground Self-Defense Force (Army) besides the use cases in consumer and corporation areas.
Some 460 licenses were offered to field communications vehicle.?With each vehicle shared by multiple soldiers, the number of people who use our solution are now supposed to be in many thousands.
The number of licenses increased more than 10-fold over the 10-year period of use from 2013. And, the client tells us that it will stay in use for at least 10 more years. We humbly assume that they are well satisfied with our solution.
Also, selection as a finalist by Financial Data and Technology Association for ‘Summit and Awards 2019’ and adoption by AFCEA for ‘2020 Solution Review Problem Sets’.
?What we learned
?We learned that, for global citizens to enjoy a safer identity assurance, we need to debunk wide-spread misperceptions such as “indispensable passwords be removed altogether” and “passwords be displaced by password-dependent biometrics”
References
?What's next for Digital Identity for Global Citizens
As of March 2023, we are on the way towards the beta release of Mnemonic Gateways, our new-breed leakproof password manager with no password vault, as our first products to be put on the global digital identity market.
Not having the likes of password vault, it’s hacking-proof, that is, it’s leak-proof.
?Being practicable, it frees us from a single point of failure.
It offers a healthy second life for legacy password systems
References?
Overall References
This article, first published in February 2021, is updated with a reference to the ongoing project of Mnemonic Gateways.