Apple patent sends password secrets to adapters

Jan 06, 2012 by Nancy Owano report

(PhysOrg.com) -- First-time computer users in the early days, pre-hacking security traumas, were confronted with a new life requirement: creating and remembering system passwords. Not too easy, users were warned, to protect their privacy against snooping brothers and sisters, but not too tough, so they can easily remember it all times. This is no longer good advice, and Apple has filed a patent that says, no, make your password as tough as you want.

The filed by Apple seeks to help users recover their information with use of a charger peripheral that doubles as the user’s security key for password recovery.

Apple says in the patent application, dated July 2010 and made public this month, that too often users choose to make their passwords simple, which just makes the work of thieves all that easier. Instead, Apple is suggesting that a user’s MacBook or smartphone or any iOS device password recovery information could be stored inside its charging adapter.

The idea is to shift the security information to the adapter, in the event that the user’s laptop or smartphone or tablet is stolen or otherwise missing. In so doing, the user can make it tough for thieves because the user can feel free to construct more complex password strings.

Once the user plugs in the peripheral, the recovery process for password retrieval and display is done.The patent application is titled, “System and Method for Storing a Password Recovery Secret,” and the inventor is named as Guy Tribble, of Hillsborough, California. Apple is proposing that a small memory module built into the unit holds the password or recovery question.

For users really concerned about security complex enough to thwart thieves skilled in working out passwords, Apple suggests the user might want to use multiple peripherals as an alternative scenario, where the adapter could hold part of the information and the other could reside elsewhere, as on some remote network server.

The patent application’s idea seems useful obviously in instances where one is travelling with the laptop or other mobile computing device but not the charger. is assuming the user taking advantage of this password-retrieval approach leaves the charging device behind, at home or in some desk or locker, before going out on the road.

While many reactions have been favorable to the patent idea, others note that the assumption may be too easily drawn. Some laptop users always carry their chargers with them because of limited battery life, though tablets and smartphones last a long time. A heist that includes both charger and computer places the user out of luck, say some detractors, who also note that cyber thieves eventually will figure out password information on the charger too. Detractors also note that as soon as the time would come for such a device to go commercial, thieves would start seeking out such chargers as worthy for stealing.

Explore further: Self-driving cars now need a permit in California

More information: Patent text online: www.pat2pdf.org/patents/pat20120005747.pdf

Related Stories

Better passwords get with the beat

May 17, 2011

No password is 100% secure. There are always ways and means for those with malicious intent to hack, crack or socially engineer access to a password. Indeed, there are more and more websites and databases compromised on a ...

Apple seeks patents for display and noise-out systems

Dec 11, 2011

(PhysOrg.com) -- Apple made patent news this week in two directions, toward a Kinect like system and toward a quest for excellence in sound quality on phones. It’s been reported that Apple has filed patent ...

Apple moves to stop kids racking up iTunes bills

Mar 16, 2011

(AP) -- After customers complained that their kids were racking up hundreds of dollars worth of purchases inside iPhone and iPad games, Apple has changed how these purchases are authorized.

Are you any good at creating passwords?

Jan 30, 2010

There's an interesting little study that's been done by security firm Imperva, which analyzed some 32 million passwords posted online in December by some enterprising hacker.

Recommended for you

Google to test cars without a driver

6 hours ago

Google plans to begin testing its new prototype of a self-driving car - which, unlike earlier models, doesn't require a back-up driver - at NASA's Ames Research Center, just a few miles from the tech company's ...

Self-driving cars now need a permit in California

8 hours ago

Computer-driven cars have been testing their skills on California roads for more than four years—but until now, the Department of Motor Vehicles wasn't sure just how many were rolling around.

Index ranks Japan Asia's most efficient innovator (Update)

Sep 12, 2014

A new index ranks Japan as the most efficient among Asian countries in turning the building blocks of creativity into tangible innovations that benefit their economies and people while Myanmar, Pakistan and Cambodia are least ...

Making travel quick, safe for cars, bikes, walkers

Sep 10, 2014

Cellphones that warn drivers when people are crossing in front of them. Bicycles and cars that communicate with traffic lights. Sensors in cars that quickly alert other drivers to black ice, potholes or other ...

Tech giants bet on 'smart home' revolution

Sep 10, 2014

It's long been the stuff of science fiction, but tech giants hope the "smart home", where gadgets talk to each other and the fridge orders the milk, will soon become reality.

User comments : 9

Adjust slider to filter visible comments by rank

Display comments: newest first

wiyosaya
3.7 / 5 (6) Jan 06, 2012
IMHO, this is another useless patent that Apple will attempt to market to "uneducated" computer users.

Believe it or not, by making your password 12 or more characters long, have it contain at least one number or non-alphanumeric character, and by having it not be a word easily looked up in a dictionary, your password will be uncrackable by the average hacker with current computing technology.

See http://www.tomsha...5-6.html

Now government or DOD with enough funding could potentially purchase enough GPGPU enabled computers to cut the time of cracking such a password from thousands of years.
Squirrel
5 / 5 (2) Jan 06, 2012
Why not a tiny memory chip in your tooth filling, dentures, fancy nose or ear ring, glasses, watch, belt buckle... No doubt the patents are out there and like this just scape paper.
monique_bizzell
1 / 5 (2) Jan 06, 2012
We have to take the entire password process out of the human's hands. Scanning devices and adapters for older systems should be the way to go. Also there should be intervals or access ports that require re-authorization during usages, only manufactures know the algorithm not the users. If a unit like a monitor unit scanned the user's face, for instance, and there were adaptors for older monitors to simulate then the system can come up with login routines and re-authorization schedules on all types of units. Users can registar as checkout and then add others to the system. If it doesn't recoginze you you won't get in. Pnones, desktops, etc can be adapted to this type of authorization.
monique_bizzell
3 / 5 (2) Jan 06, 2012
How about a USB password card key? You can go to Office-Max and buy a pack of two (the minimum) or more. Each key has the same password and can be put on key-chain or necklace. The key is bought based on your Op/Sys. Plug the key into a USB and the Op/Sys goes into action. It reads the key and you must verify on the screen that its the key you entered by entering a bar-code number or some number on the purchase box during initial install. Just don't let others get your USB keys. During set up the user picks a secret photo and name it. If their key is stolen the person can't get in because they don't know the secret photo. Once authorization completes the user doesn't have to re-authorize the machine does it for them. If the secret photo fails then authorization doesn't complete, lock the system until the real person clears access. Online sites use this Op/Sys system and their visual secret layer. Initial authorization is quick, subsequent faster and by machine to machine.
wealthychef
5 / 5 (1) Jan 06, 2012
I use a program called 1Password that stores all my passwords in one place. I only have to remember one password. It's for Mac but I'm sure there are similar things for Linux and Windows. But it is more secure to use 2-factor authentication, involving a simple password combined with a physical source.
tthb
not rated yet Jan 06, 2012
situation is ectoplasmic onslaught from without, maybe applied phrenology; piecing things together still; WOW to the rest of them . . . . . . . . . hey, Jesus lives on that, repackages as 'salvation'?? (if successfully pulled off)
Vendicar_Decarian
3.4 / 5 (5) Jan 06, 2012
And when the charger dies?

As Apple Chargers are prone to do....
spaceagesoup
not rated yet Jan 07, 2012
like a 6 month old charger of my mates which, just last week, blew up :/
timoftelaur
not rated yet Jan 08, 2012
I guess that you want an iPad 2, as I wanted, and I want to announce that I have found a method by which you will receive a free ipad2. All you have to do to enjoy this super gadget is to fill in your real data. Just so. You do not have to give bank account or credit card data,only your personal information, and soon you will receive a free ipad2.
All you have to do is to go on free-us-ipad.com and fill the form with your data in order to get a free ipad2.
It is that simple? don`t believe me? what do you have to lose? Just fill in your real data and soon you will enjoy your free ipad2.I'm telling you this because I have nothing to lose,I just want to help others. Think abaut it, you can lose max 2 minutes, but think what you can win, so what do you say, does it worth?