💭Recauth

Auth for MetaOS: Recall-based Authentication Demo

This is a demo of Recauth, a recall-based authentication method that can be used for a primary vault (password manager) as part of the effort toward passwordless authentication.

Infosec uses three kinds of authentication factor: possession (including passkeys), inherence, and memorization. Possession can't be used for a vault because losing the item means losing everything. Inherence can be copied, or used while the owner is unconscious (e.g. sleeping), so it can't be used for a primary vault either. Memorization is the only factor that works in this case, but remembering a complex password is out of favour today. A recall-based method is a good attempt at going passwordless.

This idea was used in the early Internet for account recovery. Each user has a sequence of security questions to answer; the vault combines the answers and makes a hash to serve as a password or key. Answers are case-insensitive and spaces are collapsed, so that exact memorization, which is hard for humans, is not required. After authentication, a short PIN is used to avoid answering the questions again.

 
Sample Questions
Username:
What is the shape you think of?
What is the sound you think of?

 
Answers Combined
Final SHA1 Hash
The final result is a hash to be used as a classic password or for deriving a key.
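The normalize, combine and hash steps described above, as an added example that is not the demo's own code; all function names are hypothetical. Assumptions not stated on the page: the `\n` separator, NFKC normalization and trimming, and the PBKDF2 stretching step with a username-derived salt, added because short recalled answers are cheap to guess against a single unsalted SHA-1.

```javascript
// Added example (not the demo's own code). Uses Web Crypto, which browsers and
// current Node.js expose globally; older Node falls back to require().
const subtle = globalThis.crypto?.subtle ?? require("node:crypto").webcrypto.subtle;
const enc = new TextEncoder();
const toHex = (buf) =>
  Array.from(new Uint8Array(buf), (b) => b.toString(16).padStart(2, "0")).join("");

// Page rule: case-insensitive, spaces collapsed. NFKC and trim are assumptions.
function normalizeAnswer(answer) {
  return answer.normalize("NFKC").toLowerCase().replace(/\s+/g, " ").trim();
}

// Assumed combining rule: join with "\n". A normalized answer can never contain
// a newline, so ["ab", "c"] and ["a", "bc"] cannot produce the same string.
function combineAnswers(answers) {
  return answers.map(normalizeAnswer).join("\n");
}

// The page's "Final SHA1 Hash": SHA-1 over the combined answers, as hex.
async function recauthSha1(answers) {
  return toHex(await subtle.digest("SHA-1", enc.encode(combineAnswers(answers))));
}

// Assumption beyond the page: when deriving a key, stretch the answers with
// PBKDF2 and a per-user salt, so each guess costs many hash computations and
// identical answers from two users yield different keys.
async function recauthKey(username, answers, iterations = 600000) {
  const material = await subtle.importKey(
    "raw", enc.encode(combineAnswers(answers)), "PBKDF2", false, ["deriveBits"]);
  const salt = enc.encode("recauth-demo:" + normalizeAnswer(username));
  const bits = await subtle.deriveBits(
    { name: "PBKDF2", hash: "SHA-256", salt, iterations }, material, 256);
  return toHex(bits);
}
```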
 
 
 
An effort by Nacait Team
 
 