“Everyone knows there is a problem with passwords. What I would like to do is I’d like to move us to a world where you sit down at a console, identify yourself, and you just start working. The authentication happens in the background – invisible to you – while you continue doing your work without interruptions.” - Mr. Richard Guidorizzi, DARPA Program Manager, Beyond Passwords
The current standard method for validating a user’s identity for authentication on an information system requires humans to do something that is inherently unnatural: create, remember, and manage long, complex passwords.
Moreover, as long as the session remains active, typical systems incorporate no mechanisms to verify that the user originally authenticated is the user still in control of the keyboard.
Thus unauthorized individuals may improperly obtain extended access to information system resources if a password is compromised or if a user does not exercise adequate vigilance after initially authenticating at the console.
The Active Authentication program seeks to address this problem by developing novel ways of validating the identity of the person at the console that focus on the unique aspects of the individual through the use of software based biometrics. Biometrics are defined as the characteristics used to uniquely recognize humans based on one or more intrinsic physical or behavioral traits.