Keycore

Keycore logs you in without a password by identifying the way you type

Comment

Check it out at https://attackathon.com!

Inspiration

We were frustrated by the experience of repeatedly forgetting passwords and the increasing number of privacy leaks that expose password data. This inspired us to create a way people could log in to their services with something that was intrinsic to them and was easy to input.

What it does

Keycore is a tool that allows users to login with their email alone--no passwords needed. Keycore uses the data from the way you enter your email and is able to confirm with accuracy significantly greater than normal passwords that you are who you say you are. Keycore is a turnkey solution for engineers who are developing applications to take advantage of this novel form of authentication. With just three lines of Keycore code, all the heavy lifting of authentication is done already.

How we built it

Keycore is comprised of two main components: the client side which collects the data and the server side which analyzes and authenticates the users. On the client side, we used JavaScript to collect over a hundred data-points about how a particular user enters their email. Then, we encrypt the data and pass it to the server. In the server, the data is analyzed and compared to the existing model of a user’s email. We used machine learning to continually improve a person’s typing model as they continue to log in more frequently. The server was written in Python through the Flask framework, using MongoDB to store the data.

Challenges we ran into

One major challenge we ran into was being able to make sense of the data in an efficient way. After collecting a significant amount of data from each time a user logs in, we had a bit of trouble understanding how exactly to analyze it. However, we developed an efficient and precise algorithm that can analyze the data and authenticate a user.

Another challenge we faced was handling backspaces in a person’s typing pattern. It became rather difficult to determine what was the most accurate way of dealing with backspaces. Finally, we found a way to extract the times from the data and correct them without the backspace so it became as if the user had not mistyped in the first place. Accomplishments that we're proud of We are extremely proud that our app is able to identify users with an accuracy greater than traditional passwords methods while making the overall experience easier for the developer and the user. What we learned We learned a tremendous amount about data analytics, machine learning, and cryptography. In addition, we gained skills in Python, JavaScript, HTML, CSS, MongoDB, Azure, and more.

What's next for Keycore

The future of Keycore is very bright. We have developed a developer friendly solution that eliminates the major problem of forgotten passwords for users. In addition, the elimination of passwords released in more privacy given to the user and perhaps an end to this era of data leaks. We would like to continue to develop this and work with cryptographic experts to ensure Keycore is secure beyond doubt. After that, we are planning to begin integrating Keycore into existing sites and begin marketing Keycore to more and more companies.

Share this project:

Updates