MemoryPass

ppt_1
ppt_2
ppt_3
ppt_4
ppt_5

Inspiration

How can we make strong but memorable passwords? The combination of random letters like 'tNxOp3?' used to be suggested to create stronger passwords than weak ones such as 'qwerty123,' 'passwords456'... . However, not only have users hard time remembering them, but also the length has been pointed to be the most important factor. We are inspired by the presentation of CSE/CST, 'Making and Breaking Passwords,' and developed the tool that helps the user to create a secure password.

What it does

Good passwords need to meet two conditions: 1. it has to be long enough, 2. and it should be easy to remember. Our password generator 'RabbitBlackExcited23!' combine three different words, 2-digit numbers, and special character. First, to choose three words, the generator presents the photo of animal and the photo of color consecutively, then prompt a user to type in each word that corresponds the photos. By asking them input the word, it makes user be cognitively engaged to the words, which will lead to better password memorization. This also opens Next, they can pick one adjective word from the list. Only the words with longer or equal to length 5 were chosen to guarantee that the entire password be long enough. After users type in those words, they should put 2-digit numbers and add one special character.

How we built it

We used HTML, CSS, Bootstrap, Javascript (for frontend), and PHP to implement our project.

Challenges we ran into

We want to make the strong password for user, but the password must be long to be secure. However, user will have a hard time to remember the password if it is too long. So, we need to think the easier way to memorize when we create combination of the the letters, digits, and special characters.

Accomplishments that we're proud of

First of all, we find the way how we can make the password as long as much possible. We decide to use image to user by giving strong impression to users. Also, for as long password as possible, animals, colours, and emotion with too short names were excluded in the list. We used to generated personal passwords only before, but we were glad that I learned how to create a strong password for users from the developer's point of view.

What we learned

We usually create and use passwords without considering security, but in fact, it turns out that our method of combining passwords is very vulnerable to security. By thinking about how passwords should be combined and created for secure, we learned which passwords are vulnerable to security and powerful. Also, we learned how to work with the team and communicate with each other.

What's next for RabbitBlackExcited23!

After generating the password, it was shown directly to the user on the website, which is very vulnerable to security. We've also considered sending text files or emails without displaying the results right away, but this is also a bad security method. Accordingly, it is necessary to consider how to generate and send a password to the user, and how to save it in a database in case the user forgets it after generating the password, and to link it with an existing application that manages the password like 1password.