A place for all things security.

GOTCHAs are fighting brute force attacks

Jan 29, 2014 // Andrew Stroup

Not to be confused with the 1985 film Gotcha!, more progress has been made on increasing your internet security from brute force attacks.

Coming from the same institution as the ever popular CAPTHAs, Carnegie Mellon University scientists have developed a new approach to security authentication called GOTCHAs or Generating panOptic Turing Tests to Tell Computers and Humans Apart.

How It Works: A user of a website using GOTCHAs would create a username and password. The user would then be prompted with a series of inkblots and would assign a text phrase to each one. Upon login (requiring successful submission of the username and password), the user is presented with one of the inkblots and is required to enter the correct matching text phrase they previously assigned to the specific inkblot.

This new approach increases security by requiring a task easy for a human to solve, but exponentially more complex for a computer to process and reproduce the correct result. The root “technology” follows the same belief system as CAPTHAs, visual skills of humans are far more advanced than current computer technology.

Security researchers are currently reviewing and testing this new security technology (GOTCHA challenge).