Revolutionary Innovation Makes All Passwords Virtually Uncrackable

Oithis Tree
4 min readJan 26, 2024

--

New approach offers simple, effective, easy to implement, and elegant solution.

Pause authentication, how it works, and how it stops hackers.

Brute force attack is a known method when a hacker is utilizing automated tools to try multitude of different passwords or various combinations of characters.

A hacker may acquire login and password via key-logging virus which captures everything a user types.

A hacker may acquire correct login and password via social engineering scam when a user is tricked into visiting hacker’s website which looks exactly like a different authentic website. User thinks that he/she is logging into the familiar website, and without carefully verifying website address, thus revealing login and password.

A hacker or malicious person may steal login and password by other means. For example, by gaining unauthorized access to password files, then employing a dictionary attack. Or as simple as watching someone typing a password from a short distance.

When utilizing pause authentication, all of the above attempts would fail even if a hacker enters correct password.

Here is how it works. When creating a password, you purposefully pause for a moment in certain places. An app or a website takes a note of that.

When logging in, you have to do the same — pause in the same places. Only then, your password would match.

If you don’t pause at all or pause in the wrong places, your password would not match. As a result, authentication would fail.

Want to see how it works? Go to this login screen. Click/tap on checkbox ‘Pause authentication’ in order to enable this security feature, then try entering something into the password field. You don’t need to register or login. Feel free to play as long as you want.

Get a free license to implement pause authentication for your website or app

Whether you are a student, a software developer, a company’s executive, or anyone in between, you can get a free license to implement pause authentication on any website or within any application. Otherwise, you would be violating someone else’s intellectual property rights.

The good news is that all you have to do is ask for it, and in most cases you will be granted permission within 24 hours.

Please email you request to support@oithis.com while including some basic information such as which website, application or project, contact name, email, and phone number.

Oithis Corporation, a technology company, is not only authorized to license this invention, but it also incorporated pause authentication in its flagship SaaS application OiThis (oithis.com).

Are the benefits really worth it?

On the downside, you spend extra few seconds when entering a password. But let’s have a look at the upside.

Generally accepted minimum password length is 8 characters, while recommended password length is 14–16 characters.

Let’s consider what is practical. For a 10-character password, a single pause adds 9 more combinations, effectively increasing the number of password variations by the factor of 10.

Adding more than one pause increases the number of combinations factorially, which is faster than exponentially.

Depending on specific password length and the number of pauses, total number of password and pause combinations may increase anywhere between one to two orders of magnitude, thus making hacker’s job so much more difficult.

Even more significant is how much more time a hacker (or an automated script) has to waste in order to try different password and pause combinations.

Ordinarily, an app or a website would recognize an invalid login within a fraction of a second. Actual response times vary, but let’s assume 0.5 sec.

Pause is recognized after about 1.5 sec. Let’s assume that only one pause is used in a password. And let’s not forget that pause is always present at the end of password entry. This would add: 1.5 * 2 = 3 sec.

As a result, instead of 0.5 sec, a hacker has to spend 3.5 sec — a 7-fold increase in time.

Now, let’s factor in both, increase in the number of tries and increase in the duration of each try, and we come to a stunning conclusion. A hacker would need a lot more time to try different password and pause combinations — an increase anywhere within 2–3 orders of magnitude.

What else is interesting?

You may be wondering what is OiThis, and what other interesting ideas can be found there?

Well, this is an innovative technology company which made an important discovery about how humans perceive knowledge and information. Then, built web based application around it.

There are a number of other practical inventions and novel ideas like audience of interest, informational real estate, and enabling everyday people to have their own simple websites without the need for domain names or web hosting.

OiThis application gives voice to everyday people while providing simple and clear interface.

Do you know how it all started? By asking the right questions.

--

--