Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If someone could memorize your hieroglyphics, does that mean they could perform an offline attack at guessing your password?

Hell, even if they only memorized the first few sequences, they would know how your password starts.



Presumably the hieroglyphics are generated based off a hash of what you're typing, so there will not be a one-to-one mapping of hieroglyphics back to data typed. Also, since the hieroglyphics are nonsensical and change quickly, you would probably find it easier to watch their physical keystrokes then trying to memorizing a stream of symbols.

That said, all logical bets are off when analyzing a hare-brained feature like this.


In the current implementation, it doesn't show them until after you type the fifth character, to prevent exactly this kind of attack.

They also replaced the hieroglyphics with a key chain, which implies that at some point someone actually redesigned this wacky features.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: