Skip to main content
  1. Home
  2. Mobile
  3. News

Asking questions about smartphone use for logins may stop Netflix password sharing

By

A password screen with an indecipherable password inputted.
Who was the first person to text you this morning? What song did you listen to during dinner last night? Which of the following news sites did you not browse this morning? These types of questions could act as superior forms of user authentication to the traditional passwords people use today when they log in to apps and websites, according to five researchers.

In a paper titled “ActivPass: Your Daily Activity is Your Password,” a group of researchers located in universities in Texas, Illinois, and India lay out a novel approach to improving the security of login activity. The main thrust of ActivPass is to observe a user’s recent Facebook, browser, phone, and SMS activities and ask them questions based on those activities, which in an ideal world only the users themselves would be able to answer. For example, “From whom did you get your first call this morning?” could be a question posed to a user when they try logging in to a website.

Recommended Videos

The ActivPass project aims to address areas where traditional passwords are failing, including the increasing burden on users to remember a growing number of passwords (or to ease that burden by choosing common passwords that diminish security), sharing of passwords for cloud-based services like Netflix, and the increasing vulnerability of passwords being stolen.

Related

Users would be able to configure the system to determine how many questions must be answered for successful authentication, whether multiple-choice questions can be asked, and permissions to activity logs.

After an experiment involving 70 participants and their smartphone activity logs (tracked with an app), the researchers say their end-to-end ActivPass system was successful (i.e., authenticated legitimate users) 95 percent of the time. However, it was also compromised (i.e., authenticated impostors) 5.5 percent of the time.

“While this level of security is obviously inadequate for serious authentication systems, certain practices such as password sharing can immediately be thwarted from the dynamic nature of passwords,” according to the paper. While someone may be willing to share a password for their Netflix account with a friend, they may not be as willing to share their personal activities.

The researchers are speaking with companies like Yahoo and Intel to gauge how useful this approach to passwords could be for enterprise users and what could be done to make it work, said Romit Roy Choudhury, an associate professor at University of Illinois at Urbana-Champaign and a co-author of the paper, in an interview with MIT Technology Review.

Editors’ Recommendations

Topics
Jason Hahn
Jason Hahn
Contributor
Jason Hahn is a part-time freelance writer based in New Jersey. He earned his master's degree in journalism at Northwestern…
New Apple bug may be sharing your Keychain passwords with Family Sharing members

Apple has rolled out a new patch for iOS 13 as users discover new bugs seemingly every other week. The maker of the iPhone and other popular devices may have to release another one: A few Apple users who have enabled Family Sharing on their iCloud accounts are complaining that their Keychain credentials are being synced with other family members without permission.

In a tweet, Indian iOS developer Tanmay Sonawane wrote that all the passwords he has stored in Keychain, Apple’s default password manager, were available on his brother’s Apple devices as well. This means, for instance, that when a family member visits a site for which you too have saved the login in Keychain, they will be able to view the option in their Autofill drop-down menu on Safari.

Read more
I record interviews for work. These are my favorite free recorder apps
The iPhone 14 Pro and Google Pixel 7 Pro's voice recording apps running together.

The Voice Recorder app on a phone (left) and the Voice Memos on another phone Andy Boxall / Digital Trends

Before you head to the app store on your phone to buy a voice-recording app, take a moment to consider the apps that may already be installed on your phone. Why? In my experience, they're likely all you really need. I’ve recorded interviews and voice-overs for work for years, and I’ve found the two best examples come preinstalled on your phone already, so they’re entirely free to use.

Read more
The best Samsung Galaxy Z Fold 5 cases: 10 best ones so far
Two Galaxy Z Fold 5 phones next to each other -- one is open and one is closed.

Samsung’s next-generation foldable is here with the Samsung Galaxy Z Fold 5. This iteration has some notable improvements, including a new hinge design that eliminates the gap from previous generations when the device was folded. You also get a 6.2-inch HD+ Dynamic AMOLED 2X display on the outside while having a 6.7-inch QXGA+ Dynamic AMOLED 2X display on the inside, with both screens having a 120Hz refresh rate. In other words, they're about as nice as you could ask for.

The Galaxy Z Fold 5 is made with premium materials, and the triple-lens camera system packs in a 50MP main shooter, 10MP telephoto with 3x optical zoom, and a 12MP ultrawide lens. There’s a 10MP selfie camera on the front cover, and a 4MP camera on the inner display. You also get a Snapdragon 8 Gen 2 for Galaxy chip inside for the best performance and power efficiency.

Read more