Ask HN: Why aren't images used as passwords?

4 points by poletopole ↗ HN
We can all agree the state of password management on any platform isn't ideal, but some are better than others. Textual passwords are needed for some use cases obviously, but at large this isn't the case. With steganography or simple checksums alone I could easily see the possibilities that support the argument why images may be valid. Why would this not work in practice?

10 comments

[ 5.2 ms ] story [ 31.9 ms ] thread
(comment deleted)
If you're submitting the same picture again and again then you might as well submit a cryptographically secure key (through some handshake, not necessarily uploading the key). If you're submitting images of the same physical object again and again, then you're in the domain of "is this match close enough". Deciding if something is close enough is non-trivial to compute and you end up leaking information about whatever you're taking pictures of.

Both cases seem worse than using a normal password or a more secure cryptographic key.

Yep, changing the password UX is high friction because you need to teach everyone how it works and nobody's existing tools will work with it.

If you're going to change this up it would make more sense to move to a better protocol than "provide this fixed shared secret".

It's also useful to think about what the "root of trust" is in authentication flows. That is, the thing that can reset the password.

This might reasonably be email, an OIDC provider or a cloud account linked to your device vendor.

IMHO what would be really nice would be a decent ecosystem around WebAuthn. So ways to plug different providers into your browser / operating system. This would let you choose some combination of hardware keys, your preferred password manager or keys linked to your icloud/google account, for 1-click auth everywhere.

An image is some bits. How do you enter it? Copy and paste? Why not just use a cryptographic key, as mentioned by another user. If the image needs to be exact then JPEG compression will be a horror show; many people copy images by taking a lossy screenshot.

If it's more like a barcode or QR code (and JPEG resistant) that actually just encodes the real password, you're still relying on a camera, or the ability to copy-paste image data. This probably runs against the grain with what most users expect. I've never had to use an image file or webcam stream as a password before. I'd probably muddle through; but I'm not sure my mother would.

That said, I wouldn't mind more passwords and one-time-keys especially on printed materials coming as QR codes. Why do I need to type in a 24 character key from a gift card?

Most people don’t know what cryptography is let alone RSA keys. Hints why I mentioned steganography. But I was mostly spit balling here, you aren’t wrong.
Player how are you supposed to type in a picture?
One pixel at a time, how else?
XXXXXXXXXXXX X. X. ****** X. X. X. X. * THIS WAY * X. L. X. . / ****** X. ___÷ X X. X OOOOO
As Louis C.K. said: "because some things are, and some things aren't"
A picture of a wolverine is used for an encryption algorithms. As for passwords, my guess is that they aren't practical, because any degradation to the picture will alter the bits and invalidate its purpose.