Worth a Look: Facing Password Insecurity

By John Wagley

In recent years, many computer users have strengthened their login security by using technology, such as fingerprint biometrics. Swiss-based firm KeyLemon is offering a new product of the same name that lets users log in with facial recognition. 

The KeyLemon software can replace users’ traditional Windows log in screen. It can also use facial recognition to check, at regular intervals, that the person at the computer is the proper owner. The software can also be set to snap a picture of a potential hijacker before locking the operating system.
KeyLemon can work with many types of Webcams that are integrated or attached to computers, according to the parent company.
After downloading the software, an installation wizard walks users through a handful of simple steps including capturing and registering a facial image. The software first shows users a view of their face as it appears through the Webcam. To the left of the image, a convenient bar graph, which rises and falls, helps users position their face to help the program capture the strongest image. Multiple profiles can be created; each user can be automatically logged into his respective account.
The continuous facial authentication functionality checks computer users’ faces every 10 seconds by default. When this reviewer stepped away from the computer, the system successfully locked. Upon return, users see an image of their face on the computer screen. The computer unlocked almost instantly.
With a new Firefox plugin, KeyLemon users can now access the social networking sites Facebook, LinkedIn, and Twitter. The plugin is included in the KeyLemon download; the functionality can be toggled on during the setup process. Accessing such sites appeared relatively simple. When first accessing one of the sites, KeyLemon authenticates the user’s face. A screen is presented that asks for the site login credentials. Subsequent site access only requires facial recognition.
KeyLemon’s captured biometric data—consisting of a hash or algorithm based on data points drawn from the user’s facial features—is encrypted and stored on the local computer. The parent company never accesses the data or shares it with third parties, it says.
While using KeyLemon’s ongoing facial recognition capability, the computer unexpectedly shut down on one occasion. This can sometimes occur, apparently, if a user temporarily turns away or moves too far away from the Webcam. This problem could potentially be alleviated by stretching out the intervals between facial captures. To make KeyLemon work more smoothly overall, it could also be advisable to ensure that the originally-captured facial image is strong.
When in use, KeyLemon also prohibits use of the Webcam for other applications. A few users could find this a minor inconvenience if, for example, they wanted to use KeyLemon with video Internet telephony.
KeyLemon could be particularly useful for people who share their computer. The automatic-lock feature could also be helpful for people who want additional privacy when using their computer at a public location. At a cost of just $20, many people may find KeyLemon worth a look.
Pros. KeyLemon offers biometric security for a relatively low price. It’s simple to set up and causes minimal computer lag during operation.

Cons. With the ongoing security functionality, the program, on apparently rare occasions, appears to lock the computer if a user moves too far from the Webcam.

Where to get it. Available at the parent company site in addition to other sites that offer numerous software downloads. A free trial lasts for 30 log-ins; licenses are $20.



The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.