Elastic password: A new mechanism for strengthening passwords using time delays between keystrokes

Abstract

Text passwords were and still an easy, common, practical and reliable authentication method. To ensure the desired goal of access protection, passwords should be implemented carefully. This study proposes a new mechanism to strengthen passwords through introducing time gaps (delays) between some password characters during the sign-up process. During sign-in, users should not only enter their correct passwords, but also they must leave time delays in the correct position(s) as it was designated during the sign-up process. Any attempt to login using a real password without adding time delays in the correct position(s) will be rejected. Laboratory experiments were conducted to test the proposed mechanism. These experiments are based on known password but hidden delay position(s). The obtained results show that the False Acceptance Rate (FAR) was 11.33% and the False Rejection Rate (FRR) was 17.3%. These ratios could be improved when users became more familiar with the system.