Wednesday, February 14, 2018

Blockchain Technology has been used to decentralize Security and proves to be great for identity management. A blockchain is a continuously growing list of records called blocks which are linked and secured using cryptography. Since it is resistant to tampering, it becomes an open distributed ledger to record transactions between two parties. In identity managements it avoids the use of an authentication server and a password database. Each device or user media is given a private key which is guaranteed to be unique and a control from that device such as the click of a button is the equivalent of signing in. Identity management user interface therefore becomes far simpler than what users are currently frustrated with today. Even in such scenarios, the security is only improved when the user mentions something only she knows.  As stated earlier, security is about knowing as well as having. Therefore, the user interface even with blockchain technology could do with some visual aid to the process of signing in. This is particularly more meaningful  where user interactions matter and the identity management is not for automations. Here the use of the interface is a visual equivalent to securing the private key with a password.
One such user interface could be the use of solving a captcha that not only the machines but also nobody other than the owner can answer. As an example, we enter one time passcodes in the form of six digit numbers. Instead if there were a panel of nine tiles which only the individual can select six and in a sequence that is unique and known only to the individual, then it becomes the equivalent of a password. Even One time passcodes relayed from the authentication server could be considered a passwordless equivalent to the conventional login. Here we are merely making it easier for the user to answer based on his habit of selection rather than his reliance on remembering the password. In this case, we have
    function append(id) {
      var text = $("#password").val();
       if (!text)
       {
            toggle();
            $("#password").val(id);
       }else{
            if (text.length < 6) {
             $("#password").val(text+id);
            }else{
                toggle();
            }
       }
    }
    function toggle() {
    var passwordField = document.getElementById('password');
    var value = passwordField.value;
    if(passwordField.type == 'password') {
        passwordField.type = 'text';
    }
     else {
       passwordField.type = 'password';
     }
       passwordField.value = value;
    }

No comments:

Post a Comment