你是不是曾經(jīng)忘記過(guò)郵箱密碼？網(wǎng)上支付時(shí)你會(huì)不會(huì)對(duì)安全性有點(diǎn)擔(dān)心？一種新的筆記認(rèn)證系統(tǒng)即將誕生，只要你會(huì)寫(xiě)字，留下你得筆跡，就可以免去輸入密碼的麻煩和困擾。

　　Recognising your own handwriting rather than remembering a password could be used for online identification, new research shows.

　　一項(xiàng)新研究表明，要實(shí)現(xiàn)在線身份認(rèn)證，可以采用識(shí)別自己筆跡的方式，而不再需要記住密碼。

　　Your handwriting could be the best form of online security, say the developers of a new system that may one day replace difficult-to-remember passwords and PIN codes. With the new authentication program Dynahand, users just need to be able to recognise their own writing.

　　這種新系統(tǒng)的開(kāi)發(fā)人員稱，個(gè)人筆跡可以成為保障在線安全的最佳方式，該系統(tǒng)有朝一日可能會(huì)取代難記的密碼和個(gè)人身份識(shí)別碼。采用這種名為Dynahand的新型認(rèn)證程序，用戶只需能夠識(shí)別他們自己的筆跡就可以了。

　　"I know it's my handwriting, but I don’t know how I know. I can't explain to somebody else how I do it," says Dr. Karen Renaud, a computer scientist and lecturer at the UK's University of Glasgow. She argues that's what makes the system more secure than coming up with a standard password, which is repeated over and over at different sites, can be shared with a friend, or stolen by an adversary.

        “我知道這是我的筆跡，但我不清楚自己為何知道，也無(wú)法向其他人解釋我是如何做到這一點(diǎn)的，”英國(guó)格拉斯哥大學(xué)講師、計(jì)算機(jī)科學(xué)家卡倫-雷諾說(shuō)道。她認(rèn)為正是這一點(diǎn)使得該系統(tǒng)比利用一般的密碼要更安全，因?yàn)楹笳邥?huì)在多個(gè)不同的網(wǎng)站反復(fù)輸入，可以被朋友分享，甚至?xí)�被懷有惡意的人所盜取。

　　The system works using handwritten numbers instead of letters because although others may be able to recognise your penned words, they're not so good at distinguishing your handwritten numerals.

　　該系統(tǒng)利用的是手寫(xiě)數(shù)字而非字母，這是因?yàn)閯e人或許能認(rèn)出你的手寫(xiě)單詞，卻未必能輕易地識(shí)別出你手寫(xiě)的數(shù)字。

　　In the laboratory test, Renaud asked 11 people to write the numbers 0 to 9 several times. She asked other volunteers to provide samples of their numerals, too, but these were eventually used to distract the study participants. She then scanned the numbers into a computer and used a software program, or algorithm, written by colleague Elin Olsen, to analyse the characteristics of the handwriting, such as height and width of strokes. The algorithm also kept track of which numerals belonged to which person and whose handwriting was more similar or distinct.

        在進(jìn)行實(shí)驗(yàn)室測(cè)試時(shí)，雷諾讓11個(gè)人把從0到9的數(shù)字寫(xiě)上幾遍，接著她讓其他志愿者也提供他們手寫(xiě)數(shù)字的樣本，但這些樣本最終只是用來(lái)分散實(shí)驗(yàn)參與者的注意力的。然后她將這些數(shù)字掃描進(jìn)電腦，并利用同事埃琳-奧爾森編寫(xiě)的軟件程序也就是算法來(lái)分析這些筆跡的特征，如筆劃的高度和寬度等。通過(guò)算法，還進(jìn)一步記下這些數(shù)字相應(yīng)的書(shū)寫(xiě)者以及筆跡較相似或更為不同的人士。

　　At authentication, the program showed the participant a series of five-number handwritten PINs, each one randomly generated from the handwritten numerals. The number was not important and the user did not have to remember it. Instead the participant clicked on the PIN written in his or her handwriting. If they got it right, the program showed them another set of PINs. They then clicked again on the correct image.

　　認(rèn)證時(shí)，該程序給各參與者顯示出一連串由五位數(shù)字組成的手寫(xiě)個(gè)人身份識(shí)別碼，每個(gè)識(shí)別碼都是從手寫(xiě)數(shù)字中隨機(jī)抽取生成的。但數(shù)字本身并不重要，用戶也無(wú)須去記住它們。參與者需要做的只是點(diǎn)擊他們自己手寫(xiě)的識(shí)別碼。如果他們選對(duì)了，那么程序就會(huì)顯示出另一串認(rèn)證碼。接著他們就得再次點(diǎn)擊選擇正確的圖像。

　　The program shows the user four sets of PINs, which takes about 28 seconds to complete, but ensures a higher level of security than just showing one set. And as with other PIN-password system, three wrong attempts and you're locked out.

        該套程序一共會(huì)向用戶顯示四組身份識(shí)別碼，雖然完成全部認(rèn)證需時(shí)約二十八秒，但與只顯示一組識(shí)別碼比起來(lái)，四組的安全度更高。此外，與其他識(shí)別碼或密碼系統(tǒng)一樣，如果你連續(xù)三次嘗試失誤，就會(huì)被鎖定。

　　In the test, 10 of the 11 people recognised their own handwriting consistently. Although most of the people got it right, 11 participants is a low number to demonstrate the effectiveness of the technology, says Steve Furnell, professor of information systems security at the UK's University of Plymouth. "But the idea itself is very interesting," he says.

　　來(lái)自英國(guó)普利茅斯大學(xué)的信息系統(tǒng)安全教授史蒂夫-費(fèi)內(nèi)爾說(shuō)，在此次測(cè)試中，11人中有10人始終都能認(rèn)出自己的筆跡。雖然大部分人都選對(duì)了，但11名參與者還是人數(shù)太少，不足以證明該項(xiàng)技術(shù)的有效性。他又說(shuō)道：“但這個(gè)想法本身是非常有趣的。”

　　In addition, although Renaud does not believe that this password method is robust enough to be used for sites with high-level security, such as online banking or e-commerce, it could work as a second layer on such sites, e.g., when you are changing an address or credit card information.

　　另外，雷諾認(rèn)為雖然這種密碼識(shí)別方法尚不夠成熟，還無(wú)法用于高安全級(jí)別的網(wǎng)站上，如網(wǎng)上銀行或電子商務(wù)，但卻可以在此類網(wǎng)站上充當(dāng)?shù)诙�道安全防線，如在你修改地址或信用卡信息時(shí)使用。