1. Field of the Invention
This invention generally relates to data processing, and particularly to a method and apparatus for creating a rhythmic password, and a method and apparatus for authenticating based on a rhythmic password.
2. Description of Related Art
Setting password data in the form of text is currently the most common way of authentication. However, a text password, due to its limitation, has many drawbacks, such as poor security, easy to be forgotten, strict requirement for input accuracy, etc.
To further enhance the security of a text password, it has been proposed in the prior art to further add a rhythmic password to the text password to perform the second encryption. Referring to the U.S. Pat. No. 6,954,862B2, it proposes a solution to enhance a text password based on the pace, rhythm and tempo. The password in this document comprises a character string and an associated timing element. When accessing a protected device or function, the user needs to input the proper character string with the proper pace, rhythm and tempo. The input character string and timing element will be compared with stored values, and only when these values are matched can the user be allowed to access. That is to say, the user is not only required to input the proper character string, but also required to input it with the proper pace, rhythm and tempo. A simple example is: if the user's text password is 6 letters of “Z”, the password including a timing element can be “ZZZ”(pause)“ZZZ”, that is to say, after inputting the three letters of “Z”, pausing for a while, for example, 2 seconds.
Those skilled in the art will find that although combining rhythmic information with a pure text password can enhance the security of the password, since in the prior art the password input by the user is specific both in text and in rhythm, others can still memorize the character string and rhythmic information in the user's password by observing the process of the user inputting the password. That is to say, the design of a password in the prior art still has some limitations.
In order to enhance the security of a password, many applications require the user to change the password every period of time (e.g., half a year). Such a requirement although enhances the security to some extent, but also increases the user's password maintenance costs, and affects the user's experience, as frequent changing of a password is not conducive for the user to remember his password.
Existing research indicates that like a person's writing pattern can reflect his biometric factors, his typing pattern can also reflect his biometric factors to a great extent.
This invention proposes that the biometric factors reflected in typing can be utilized as a physiological password.