I'm a Sr. software developer. Few years ago I watched a PBS TV show called "Rise of the Hackers", in which it talked about the vulnerability of the Internet and said traditional password is a weak link in cyber security. That inspired me to do something about it and fix this problem, so I came up with a solution called GATE : Graphic Access Tabular Entry.

GATE is an interception-resistant user authentication system, which means even if someone intercepts/sees you when you log in [ assume he sees/records every detail of your authentication ], he still won't know what your password is, there are detailed info, demo and videos on my website :

GATE can use short and easy to remember passcodes to defeat peeking, keylogging, phishing and dictionary attack.

Passwords have been used for thousands of years. Since the days of the Arabian Nights fables when Ali Baba overheard the Forty Thieves commanding ‘Open Sesame’ to access their riches, through PIN privacy at ATM machines, to server to server cyber capture of personal and financial information in our high-tech world, password interception has been recognized as a fundamental threat to account security. A single capture, whether decrypted or not, can lead to complete account infiltration.

Because of the password problems, there is a trend to use biometrics to replace passwords, yet a lot of places are starting to ban biometrics :

facial-recognition-ban-san-francisco bombshell-facial-recognition-data-collected-us-customs-agency-hacked breach-of-biometrics-database-exposes-28-million-records-containing-fingerprint-and-facial-recognition-data

The problems with biometrics are : [1] Compromise on user privacy [2] Once that data is stolen, user can't change their fingerprint, iris or facial scan [3] Hackers can use biometrics to authenticate [ login ] user without their consent.

007 Fakes Fingerprint

Therefore password is still a better option IF we can overcome its weakness. The problem with traditional passwords is their obviousness, and this obviousness can easily lead to interception during the login process [ peek over the shoulder, key logger, video recording ... ], therefore we need a better way to let user authenticate while not exposing their passwords.

Keypad Pins Easily Stolen

Danger Of Keylogger

What it does

Based on user password choice, server renders password entry buttons on a screen, rendering multiple characters per button. User pins are mixed in among the symbols displayed in the buttons. When button selection is made by a user there is no way for an observer to know the actual password due to the multiple characters per button. Each subsequent rendering of buttons by the server will be unique, based on the GATE algorithm, ensuring button selection cannot simply be repeated based on button location in order to infiltrate an account. Due to the rendering process required in order to present password buttons to a user, a server has to already know the passcode of the user in order to render an appropriate array of buttons. Therefore bogus or malicious servers will not be able to render an appropriate array of buttons to a user, which allows the user to recognize whether or not the screen he is looking at is being controlled by the appropriate body. This will prevent phishing attacks.

Can You Guess Passcode ?

How I built it

Since I've been a Java developer for 20+ years, naturally I used Java to implement this solution, but GATE can be implemented in any language and run on any system. I've built desktop, web and Android versions of the GATE apps.

Free sample apps are available at the following sites : [1] Desktop Java Swing App : [2] Online Web App : [3] Android Mobile App :

Challenges I ran into

Educate users about the weakness of current password system. As we depend more and more on the internet, online security becomes more and more important.

There is a hacker attack every 39 seconds. Hacked passwords cause 81% of data breaches. Projected cost of cyber-attacks in 2019 is $2 trillion globally. It will hit $6 trillion annually by 2021. Average total cost of a data breach is $ 3.92 million.

Hacker Talk : How To Steal Passwords

Accomplishments that I'm proud of

In the past few years GATE has won 5 international cyber security awards :

GATE won "Cybersecurity Innovation Award" at 2017 International Cyber Security and Intelligence Conference [ ICSIC ] on November 7th - 8th, 2017 in Toronto, Canada.

GATE won "Global Excellence Awards" at 2018 Info Security Products Guide on April 16, 2018 in San Francisco Best Security Company Cyber Security Vendor Achievement of 2017 Silver Winner : GATE Cyber Technology LLC Bronze Winner : Startup of the Year

Frank Ni won "Cyber Excellence Award" at 2018 National Cyber Summit on June 7, 2018 in Huntsville AL

GATE won "Innovation Award In Cyber Security" at IET [ Institution of Engineering and Technology ] on 14 November 2018, in Brewery, London

What I learned

As time goes by, we all face different challenges, we can meet these challenges with the knowledge and determination we have, we will win in the end ^_^ !

What's next for GATE : An Interception-resistant Authentication System

Let us be vigilant, and also be smart, by not giving hackers the opportunity to threaten our digital life. Use systems that are well designed to prevent hacker attacks. Be secure by design, rather than being hard on the users !

Hope users can see the security advantage of the GATE system, and use it to safely authenticate while not exposing their passwords.

Any organization that are interested in using the GATE system are welcome to contact me.

Built With

Share this project: