The need for people to have passwords that are easy to remember goes contrary to what makes up a good password. People are not very rigorous when insuring the randomness of passwords. Furthermore, people usually have several passwords to keep track of and therefore are less tempted to create random and difficult-to-remember passwords. The preferred defense is to make passwords nearly impossible to guess, but such strength requires that the password be selected in a totally random fashion. That's a tall order for humans, because humans are not very good at making up randomness. Furthermore, because people usually have several passwords to keep track of, locking user accounts with random, but difficult-to-remember, strings of characters such as “wX %95qd!” is a recipe for a support headache.
Bending the wrists sideways or up and down while using the keyboard or mouse can cause musculoskeletal disorders such as carpal tunnel syndrome. Numerous studies have shown that the split keyboard design gives the operator a more neutral forearm position compared to a traditional keyboard. Carpal tunnel syndrome (CTS) is a condition that can cause pain, tingling, numbness, and weakness in the fingers and thumb. CTS from work causes is highest between the ages of 20 and 40.
In accessing a secure computer system most of us use a username and password. The combination of a username and a password does not constitute strong authentication. That has traditionally been a weak point in authentication systems. In the modern world of global computerization we need a shift from a simple ID and password authentication that is easily intercepted to using a two-factor authentication, which requires people to identify themselves using two unique factors, such as a password along with either a digital certificate, a smart card, or a biometric proof.
The proposed method for password authentication of the present invention uses keystroke-scan characteristics that are unique for each individual. Accordingly, the password authentication method of the present invention is unobtrusive, reliable and could be used on any data input device that could measure typing intervals with accuracy better than one millisecond.
While typing or working at a computer keyboard and performing regularly 10,000 keystrokes per hour users must have a keyboard that will alleviate the stress by improved allocation of keys and decreased force during typing. Split keyboards are designed to straighten the wrist. This can be done in two ways: by increasing the distance between the right and left sides of the keyboard or by rotating each half of the keyboard so that each half is aligned with the forearm. The proposed design uses these two methods. It also uses negative slope and concave well keyboard, elements of which could be found in special expensive keyboards offered on the current market.
The combination of advanced ergonomic design and multimodal biometric security protection provides a user-friendly solution that is easy to implement and gives maximum access, communication and transaction security, accompanied by increased functionality and comfort of use. Naturally, the user authentication method described in the current invention could be also implemented on computers with conventional keyboards as a software-only solution. Furthermore, the ergonomic design of the present invention may also be implemented without the advanced authentication method of the present invention.
A keyboard-embedded microchip or keyboard microcontroller with the capability of recording time events with the resolution from 30 millisecond down to 30 microseconds is used for static and dynamic password and user authentication according to the proposed algorithm. The proposed statistical processing of measured keystroke-scan characteristics results in creating a digital signature that contains unique typing characteristics of a person who types the password during login procedure. The same algorithm creates a unique digital signature irrespective of the input text, which could be used for dynamic unobtrusive verification of the user who is currently working at the keyboard.
The example of implementation described below incorporates elements of artificial intelligence in helping customers to select a random password that is hardened by an additional digital signature. The password created during first login procedure with an input from a customer becomes a password-for-life. The ultimate keyboard provides also multimodal biometric protection, supplementing keystroke-scan method with fingerprint, voice-scan, and signature-scan or mouse-scan verification. Signature-scan authentication is performed through modified touchpad or Tablet PC and does not require special hardware. Voice-scan verification and/or authentication is performed through two or more microphones embedded in the keyboard. External microphones could be also used for identity verification purpose.
The proposed voice-scan module allows to record the low- and high-frequency characteristics of voice input and to use them along with the time characteristics of a recorded input for hardening the user's password and/or for protection against identity theft.
In one embodiment of the invention, training of the user is required before a strong random password is created and tested. A short self-training program is included in the first login procedure. The algorithm-created password could be used as a single sign-on password for multiple applications.
The proposed keystroke-scan and signature-scan authentication may be used in physical keyboards and/or virtual (on screen) keyboards, in USB tokens and USB Flash drives, and/or projection keyboards.
The ultimate keyboard has a great potential in becoming the first choice for OEM manufacturers since it allows tailoring keyboard during ordering according to customers needs and personal preferences. One of the key strengths of the ultimate keyboard is versatility. For example, instead of two Enter keys in the middle of a keyboard along left and right side of the Touchpad, a customer may select Enter and Space functions for these two keys. Or instead of a RollerBall in the middle or at the top or at the bottom of the keyboard, users could select a Trackbar, a Trackball, a reversed optical mouse, or any other pointing device for manipulating the movements of the cursor. And to give another example, a Touchpad or a Trackball could be placed at the bottom of the keyboard; this solution might be preferable for laptop users who have developed the habit of using their thumbs for mouse navigation.
The attached drawings of ergonomic keyboards do not limit the number of modules that could be incorporated in a keyboard of customers' choice. The included figures serve only as an example of choices users have in configuration of their keyboards that ensure comfort of use and security in the modern world of global computerization but do not limit the scope of applications of the proposed ultimate keyboard with built-in security protection.
Customization of keyboards during ordering will provide unparalleled functionality, comfort of use and unobtrusive and reliable security in financial and business transactions along with identity theft protection.