A system and method are disclosed in which a user adds random characters or produces random gestures while s/he enters a password/pin. The password/pin input string becomes a combination of substrings--some of which are part of the valid password string and some of which consist of random characters or gestures. The correct password characters are then easily detected by a security password extracting system that matches characters in the correct password string to those that appear in the garbled string. The method disclosed can be performed with touchscreen gesture passwords, security questions, voice passwords or similar security lock. The method is easy to use and increases protection for passwords without adding to mental workload of the user, while making it difficult for an observer to hack passwords. It also allows entry of passwords without having to re-enter if mistakes are made.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.