Re: [school-discuss] Re: Passwords for kids?

[Ian Paterson <ipaterson@shaw.ca>]

Karsten M. Self wrote:
> > > But for a fair number of 'em, particulary the younger set, and a few
> > > others with learning disabilities, remembering passwords seems to be
> > > beyond the possible.  Anyone have experience with setting up accounts
> > > for kids?
> > I suppose you could go for a biometric solution
How about using floppy disks as hardware ID tokens? No need for those 
expensive smart cards! Just slap together some public key cryptography 
along with those old disks and you've got yourself a relatively 
inexpensive solution.

(rambling follows)

Anyone remember the days when a class would be issued a set of 25.. err, 
35 disks, one per student, and they would all save to their disk? 
Forgetting about the minor details like available space, hardware 
failures and being tied to an object small enough to loose, in my 
experience, this system functioned [relatively] well because there 
wasn't the fake security of a password that was the same as their user 
name, and therefor no challenge in trying to defeat it. Distribute the 
disks at the beginning of class, the kids go do their thing and a quick 
count at the end of the period will ensure that no one leaves his or her 
disk in the drive.

The downsides to this approach are as follows:

- People loose stuff. Be it kids, adults, teenagers or whatever, those 
disks are going to go missing and when they do, so does yesterday's 
homework/today's Power Point presentation that you're supposed to be 
giving in 4 minutes.

- People break stuff. And bend, [de]magnetize, spill juice on, spill 
coffee on, break pieces off or otherwise vandalize the disks. This too 
renders the data on the disk inaccessible and also reinforces the users 
mistrust in technology.

The solution, as I see it, is to use a combination of physical 
identifiers such as biometrics, swipe cards or old fashion steel keys, 
in addition to the conventional user name/password combination. This can 
be done by adding on to the existing infrastructure of Active Directory 
(aka domain authentication? I'm not very fluent in Microsoft), which 
already stores users' files and preferences globally so you can use any 
computer and still get at your data. Now if you throw in using cheap 
3.5" floppy disks as password equivalent identifiers, you'll be cookin' 
with gas. Here's how it could work:

For each student, distribute a floppy disk containing the student's 
unique ID (or 'certificate', depending on how you think of it; see 
below) and a floppy disk label. The label can have the name already on 
it or you can get the kids to write it themselves, but they should be 
encouraged to personalize their disk so that they will be able to 
recognize it as their own. Colours, stickers, those oh so prevalent 
scented markers or the gel pens that dispense sparkles as well as near 
invisible ink, there should be something that appeals to the 
individual's sense of recognition and leaps out at them from a pile of 
30. Store the labeled disks in the classroom (not the lab) in a place 
that's easy for kids to get at.

Now when someone wants to use a computer to, say, write a biography on 
Clifford Cocks, they sit down at any workstation and *either* type in 
their user name and password, *or*, they can put in their personalized 
floppy disk which contains their ID/certificate that corresponds to 
their account. This way, you have the option of bypassing passwords if 
you hold the unique ID/certificate (in this case, our floppy disk), 
otherwise you can just log in with a user name and password without 
needing to keep track of the floppy.

Although inconvenient, the loss of the floppy disk won't mean the loss 
of data anymore. Replacement of lost/stolen/damaged disks can be 
rectified quickly by a teacher logging in and initializing a new disk 
with two clicks (okay, 2 _double_ clicks). Select the user name and the 
program queries the LDAP server for the relevant information, retrieves 
the appropriate file (which is a hashed certificate and incremented 
number of how many times the ID disk has been written [to lock out old 
disks from working, in case it's known that it was taken/copied]), 
writes the file to disk and pops up with an 'All Done' message.

With this system, the user is able to refine the authentication methods 
to suit his or her needs without the System Administrator needing to 
account for every possible scenario when setting up the system.

Technically speaking, this is really just an implementation of 
certificate-based identification (public key cryptography) that involves 
putting the identifying certificate onto a portable device, the floppy 
disk. A dumbed down smart card, if you will.

(This is ridiculously weak from the point of view of overall security, 
but is does confine some attack vectors from ever having a chance of 
succeeding while still maintaining the accessibility of the system. For 
example, a malicious user isn't going to be able to forge the 
certificate stored on the floppy disk without enlisting the aide of a 
quantum computer, but palming the disk itself would be trivial.)

Comments?
--
Ian Paterson                                  https://www.ipaterson.ca