Inkblot authentication
Inkblot auth class allows to implement inkblot authentication to your PHP application.
It can generate list of inkblots from directory or array. User may provide amount of letters saved per inkblot, to implement different password generation ways
The idea is from Microsoft Research about using inkblots in authentication for more complex passwords and as password tips. You can also check http://password-test.co.cc/ for more information, examples and statistics
Contents
Download
Example codes
<?php session_start(); include("./inkblot_auth.php"); //provide path to directory with inkblot images $ink = new inkblot_auth("./inkblots"); if(isset($_SESSION["pass"])) { //we already created pass for testing echo "<h3>You have successfully registered. Now try to login using same password</h3>"; //first we need to provide password which we previously saved //usually it is retrieved form database using provided username //but for testing we've saved in in session variable $ink->set_pass($_SESSION["pass"]); if(isset($_POST["logpass"])) { //no we check user provided password //only after providing saved password if($ink->check_pass($_POST["logpass"])) { echo "<h3>You provided correct password</h3>"; } else { echo "<h3>Your password is incorrect</h3>"; } } //now we will get inkblots that were used in pasword $inks = $ink->get_inkblots(); echo "<div style='overflow: auto; margin-bottom: 50px;'>"; foreach($inks as $val) { echo "<img src='".$val."' style='float: left; margin-right: 10px; width: 200px;'/>"; } echo "</div>"; echo "<p>All you have to do is remember your password while seeing same inkblots, that you saw when you created this password.</p> <p>Just insert your first and last letter of your inkblot interpretations in inkblot order (from left to right)</p>"; echo "<form action='' method='post'> <p>Enter your saved password: <input type='text' name='logpass'/> <input type='submit' value='Register'/></p> </form>"; } else { //someone submitted pass if(isset($_POST["regpass"])) { //get encoded pass and save it $_SESSION["pass"] = $ink->get_pass($_POST["regpass"]); //refresh page header("Location: ".$_SERVER["REQUEST_URI"]); } echo "<h3>Create new password (Simulating registration)</h3>"; //no pass created $inks = $ink->get_inkblots(); echo "<div style='overflow: auto; margin-bottom: 50px;'>"; foreach($inks as $val) { echo "<img src='".$val."' style='float: left; margin-right: 10px; width: 200px;'/>"; } echo "</div>"; echo "<p>This login is based on user choosing and remembering the password based on inkblot that user see.</p> <p>Because human mind interprets each inkblot differently, it means, that it is possible that no one else will see a thing that you saw.</p> <p>You must type first and last letter of each inkblot interpretation based on sequence you see those inkblots (from left to right)</p> <p>Then each time you'll try to login, you'll see same inkblot images only each time in different order</p> <p>Refresh page to change inkblots</p>"; echo "<form action='' method='post'> <p>Enter your password: <input type='text' name='regpass'/> <input type='submit' value='Register'/></p> </form>"; } ?>
Examples in action
Example scripts provided with package in action:
Method list
- Create instance
- Letter count per inkblot
- Get inkblots for user
- Get generated password
- Set saved user password
- Check if user rprovided valid password
Create instance
| Method name | new inkblot_auth($inkblots) |
| Description | Create class instance with provided inkblot list. You can provide array with inkblots, where keys are inkblot unique identifiers and values ar paths to inkblot images. Or you can provide path to directory with inkblot images as class will load anc create list of inkblots automatically |
| Input parameters | string or array $inkblots - arrray with inkblot images or path to directory with inkblot images" |
| Example input | new inkblot_auth("./inkblots") |
Letter count per inkblot
| Method name | set_letters($count) |
| Description | Provide amount of letters user must enter per inkblot image. You can think of your own password generation algorythms, like first and last letter, or first, middle and last letter. Only restriction, that users must use same algorythm for both registering and authenticating |
| Input parameters | int $count - amount of letter user will need to enter per inkblot image |
Get inkblots for user
| Method name | get_inkblots($count) |
| Description | Returns an array with specified amount of inkblots to show to user. If password was not set, then returns random inkblot images. If password was set using set_pass method, then this method will return inkblots attached to user password (same inkblots user used to register) only in random order. |
| Input parameters | int $count - amount of inkblots to return |
Get generated password
| Method name | get_pass($userinput) |
| Description | Returns coded inkblot image association with user password as string |
| Input parameters | string $userinput - user password in provided inkblot order |
Set saved user password
| Method name | set_pass($password) |
| Description | Sets saved password, that was generated using get_pass method, so class could provide inkblots used in password generation and compare user input |
| Input parameters | string $password - generated password from user input associated with inkblot images |
Check if user rprovided valid password
| Method name | check_pass($userinput) |
| Description | Checks user input against saved password, that was set using set_path method |
| Input parameters | string $userinput - userinput according to inkblot order |
Latest changes
None for now
Awards
Inkblot_auth class was nominated to October Innovation Award, please support it by voting.
You may also be interested in:
Powered by BlogAlike.com
