Vidoop: Passwords in a picture, sponsored by Mercedes

One of the companies presenting at the Web 2.0 Expo Launchpad sessions on Tuesday is the very strange security company, Vidoop. This firm makes a system that replaces passwords with pictures. It's quite ingenious, and much more secure than standard, hackable, or keyboard-loggable passwords.

Setting up my Vidoop account by choosing picture categories.

(Credit: CNET Networks)

When you want to sign on to a Vidoop-protected site, you're shown a grid of pictures, each of which has a letter stamped on top of it. Your job is to select the pictures in the categories that you've selected as your password. For example, if you've selected car, boat, plane as password, then you need to find the pictures of the car, the boat, and the plane in the grid, and enter in the letter on top of each one of them. It requires more thought than just typing in your birthday, but it is more secure.

Each time you try to log in, the pictures change. The "airplane" one time may be a fighter jet, the next time a 747. The pictures' positions changes in the grid, too. And the letters that go with the proper pictures also change. This makes the password very difficult to hack.

Vidoop sign-on: Select the letters on top of your secret picture categories.

(Credit: CNET Networks)

Vidoop can act as an authentication technology for a high-security site, like a bank. It's also an OpenID provider, so if you want to use sites that authenticate against OpenID, you can use Vidoop.com to provide the authentication. (OpenID is a great new technology for reducing password overload, although it's going to be hard to explain to consumers how it works.)

The twist on Vidoop that I really like is this: The pictures can be sponsored. For example, in the demo I saw, "car" picture was always a Smart Car. It may be a different picture each time, but when a car appears on a grid, it's a Smart.

I doubt Vidoop is completely unhackable, but it does look like a better and more secure password solution than requiring people to memorize (or, more likely, to write down) increasingly long and complex passphrases. And the sponsoroship angle is really clever.

The site should be go in to open beta soon. It's a closed beta right now, but if you happen to be at the Web 2.0 Expo, you can stop by Vidoops's booth and grab a printed invitation code to get into the site.

See also: The Hot-or-Not captcha.