Revolutionary Innovation Makes All Passwords Virtually Uncrackable

Oithis Tree
5 min readJan 26, 2024

--

New approach offers simple, effective, easy to implement, and elegant solution.

Pause authentication, how it works, and how it stops hackers.

Brute force attack is a known method when a hacker is utilizing automated tools to try multitude of different passwords or various combinations of characters.

A hacker may acquire login and password via key-logging virus which captures everything a user types.

A hacker may acquire correct login and password via social engineering scam when a user is tricked into visiting hacker’s website which looks exactly like a different authentic website. User thinks that he/she is logging into the familiar website, and without carefully verifying website address, thus revealing login and password.

A hacker or malicious person may steal login and password by other means. For example, by gaining unauthorized access to password files, then employing a dictionary attack. Or as simple as watching someone typing a password from a short distance.

Even two factor text authentication (2FA) is no longer a safe way to login according to the FBI. See article below.

FBI warns against using two-factor text authentication

When utilizing pause authentication, all of the above attempts would fail even if a hacker enters correct password.

Here is how it works. When creating a password, you purposefully pause for a moment in certain places. An app or a website takes a note of that.

When logging in, you have to do the same — pause in the same places. Only then, your password would match.

If you don’t pause at all or pause in the wrong places, your password would not match. As a result, authentication would fail.

Want to see how it works? Go to this login screen. Click/tap on checkbox ‘Pause authentication’ in order to enable this security feature, then try entering something into the password field. You don’t need to register or login. Feel free to play as long as you want.

Get a (often free) license to implement pause authentication for your website or app

If you are a user of any website or an app which utilizes two factor text authentication (2FA), reach out to the company providing the service and recommend that they implement pause authentication when entering passwords. It is so simple that it could be implemented in a few weeks or even in a few days.

Whether you are a student, a software developer, a company executive, a governmental entity, or anyone in between, you can get a license to implement pause authentication on your website or within your application.

Implementing pause authentication without a license would constitute patent infringement.

Please email you requests to support@oithis.com while including the following information: name of your company/organization, website URL along with approximate number of users, application name along with approximate number of users and links to the app within app stores, your contact name along with email and phone number.

In most cases, you will be granted permission within 24 hours.

Oithis Corporation, a technology company, is not only authorized to license this invention, but it also incorporated pause authentication in its flagship SaaS application OiThis (oithis.com).

Are the benefits really worth it?

On the downside, you spend extra few seconds when entering a password. But let’s have a look at the upside.

Generally accepted minimum password length is 8 characters, while recommended password length is 14–16 characters.

Let’s consider what is practical. For a 10-character password, a single pause adds 9 more combinations, effectively increasing the number of password variations by the factor of 10.

Adding more than one pause increases the number of combinations factorially, which is faster than exponentially.

Depending on specific password length and the number of pauses, total number of password and pause combinations may increase anywhere between one to two orders of magnitude, thus making hacker’s job so much more difficult.

Even more significant is how much more time a hacker (or an automated script) has to waste in order to try different password and pause combinations.

Ordinarily, an app or a website would recognize an invalid login within a fraction of a second. Actual response times vary, but let’s assume 0.5 sec.

Pause is recognized after about 1.5 sec. Let’s assume that only one pause is used in a password. And let’s not forget that pause is always present at the end of password entry. This would add: 1.5 * 2 = 3 sec.

As a result, instead of 0.5 sec, a hacker has to spend 3.5 sec — a 7-fold increase in time.

Now, let’s factor in both, increase in the number of tries and increase in the duration of each try, and we come to a stunning conclusion. A hacker would need a lot more time to try different password and pause combinations — an increase anywhere within 2–3 orders of magnitude.

What else is interesting?

You may be wondering what is OiThis, and what other interesting ideas can be found there?

Well, this is an innovative technology company which made an important discovery about how humans perceive knowledge and information. Then, built web based application around it.

There are a number of other practical inventions and novel ideas like audience of interest, informational real estate, and enabling everyday people to have their own simple websites without the need for domain names or web hosting.

OiThis application gives voice to everyday people while providing simple and clear interface.

Do you know how it all started? By asking the right questions.

--

--

Oithis Tree
Oithis Tree

Written by Oithis Tree

Love to express myself through writing.

No responses yet