Face Recognition Technology May Put An End To Forgotten Passwords
June 24, 2014

Face Recognition Technology May Put An End To Forgotten Passwords

Peter Suciu for redOrbit.com - Your Universe Online

There is that old saying "I never forget a face," and that is why face recognition technology could be the basis for the future of passwords. Dubbed "Facelock," this concept could put an end to forgotten passwords.

Unlike faces, passwords can be unfortunately easy to forget, and are thus a serious problem for users as well as IT managers, who must deal with the issue when someone "can't remember their password." Passwords in general have a serious flaw. Simple passwords may be easy to remember but also are easy to crack; while complex passwords can be harder to crack but much harder to remember.

Even Fernando Corbató, the man who helped deploy the first known computer password acknowledged the flaws in passwords earlier this year in an interview with the Wall Street Journal.

"It's become kind of a nightmare with the World Wide Web. I don't think anybody can possibly remember all the passwords that are issued or set up," Corbató told WSJ's Danny Yadron this past May. "That leaves people with two choices. Either you maintain a crib sheet, a mild no-no, or you use some sort of program as a password manager."

Here is where face recognition comes in. Humans can recognize familiar faces across a wide range of images, even when the image quality is poor. At the same time unfamiliar faces look like different people in different photos. According to new research Facelock has the potential to exploit this psychological effect to create a new type of authentication system.

The details of a new study into face recognition were published in the open-access journal PeerJ.

"Psychological research on face recognition has revealed an important distinction between familiar and unfamiliar face perception: When a face is familiar to the observer, it can be identified across a wide range of images," Dr. Rob Jenkins of the University of York in the U.K., lead author of the study wrote in the paper's abstract. "However, when the face is unfamiliar, generalization across images is poor. This contrast can be used as the basis for a personalized 'facelock,' in which authentication succeeds or fails based on image-invariant recognition of faces that are familiar to the account holder."

The study found that familiarly with a particular face could determine a person's ability to identify it, even across different photographs. This could be used to create a very personalized "lock," where access is granted to anyone who demonstrates recognition of the faces across images but denies it those who do not. The actual "lock" could consist of a series of face grids that are constructed to that one face that is familiar to the user, whilst the others are not. Authentication could be as easy as touching the familiar face in each grid. For a legitimate user this could be a trivial task, as familiar faces stand out from the others. For all others none of the faces would stand out.

Faces can also be easily generated, and the researchers noted that "effectively one person's idol is another person's stranger. By combining faces from across a user's domains of familiarity—say, music and sports— the researchers were able to create a set of faces that were known to that user only. To know all of those faces is then the key to Facelock."

Such a system could be durable, as the researchers noted that familiarity is hard to fake.

"Pretending to know a face that you don't know is like pretending to know a language that you don't know—it just doesn't work," said Jenkins. "The only system that can reliably recognize faces is a human who is familiar with the faces concerned."