Hitoshi Kokumai

3 weeks ago · 3 min. reading time · visibility ~10 ·

chat Contact the author

thumb_up Relevant message Comment

Leak-resistant Secret Credentials

“Expanded Password System

wane = Only I can select all of
BS] them correctly

Broader choices with both images and characters accepted






Easy to manage relenons between accounts and corresponding passwords.


Torturous login is history. Login is now comfortable, relaxing and healing


Today's topic is “Microsoft Exchange Autodiscover protocol found leaking hundreds of thousands of credentials”  https://www.theregister.com/2021/09/22/microsoft_exchange_autodiscover_protocol_found/

It appears to be next to impossible for any talented servicers to locate all the critical vulnerabilities before someone else, bad guys in many cases, locate them. Then we should better assume that our own credentials could leak at any time. 

One of the valid solutions against it would be to use the passwords whose hashed entropy is so big as to stand the brute force attacks by supercomputers.  It is not what humans can easily do, however, meaning that we need a powerful tool to achieve it like the stones and clubs for our ancestors.

Our proposition of ‘image-to-code conversion’ might well make a sizeable contribution as discussed here “New Slide - Healthy Second Life of Legacy Password Systems” https://www.linkedin.com/posts/hitoshikokumai_bring-a-healthy-second-life-to-legacy-password-activity-6837948929376681984-xKjH

Well, were you considering that killing the password could be a solution? 

What does not exist will indeed not leak, but we will end up seeing our future killed; Where our identity is established without our will/volition confirmed, democracy is fatally eroded. Practically we would no longer have a restful sleep unless staying alone in a closed space locked from within or fenced by faithful bodyguards.

Incidentally, the security effect of removing the password is discussed here – “Remove the army and we will have a stronger national defense” 

Relation of Accounts & Passwords


* Unique matrices of images allocated to different accounts.

+ Ata glance you will immediately realize what images you should pick
up as your passwords for this or that account.

Key References 

 Bring a healthy second life to legacy password systems

For Achieving Solid Digital Identity on Information Security Buzz (Mar/2021)

What We Know for Certain about Authentication Factors

Digital Identity for Global Citizens

Image-to-Code Conversion by Expanded Password System

Summary and Brief History - Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform

Account Recovery with Expanded Password System

Ifonlytextand fare OK [SUV BIOKUW

to memonze
text/number passwords

{Text Mode)
Recall the remembered

J 2


<veco N=

Ox ma

XxXBFr mow



Low memory ceiling

to lighten the load of

text passwords


{Graphics Mode)
Recognize the pictures
remembered mn stones


High memory ceiling



to make use of
memorized images

{Ongimal Picture Mode)

Recognize the unforgettable
pictures of episodic memories

sRBO yr
L@ S00




Very high memory cuiding

— Think ofall those adders you have to climb in Donkey Kong 1+)

Additional References

Removal of Passwords and Its Security Effect

Step-by-Step Analysis of Why and How Biometrics Brings Down Security

Negative Security Effect of Biometrics Deployed in Cyberspace

External Body Features Viewed as ‘What We Are’

 History, Current Status and Future Scenarios of Expanded Password System

Availability-First Approach

Update: Questions and Answers - Expanded Password System and Related Issues 

Secret Credenti



Episodic Memory


 < Videos on YouTube>

Slide: Outline of Expanded Password System (3minutes 2seconds)

Digital Identity for Global Citizens (10minutes - narrated)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space - "below-one" factor authentication

thumb_up Relevant message Comment

More articles from Hitoshi Kokumai

View blog
1 week ago · 2 min. reading time
Hitoshi Kokumai

Nonpredictable Passwords Carried Around on Memo

I got interested in this article -on the password ...

1 week ago · 3 min. reading time
Hitoshi Kokumai

Serious Funny Reality

I take up this new report today - “Researchers Def ...

1 month ago · 2 min. reading time
Hitoshi Kokumai

Dual Causes of Password Predicament

Our password headache may well be the consequence ...