Prevents behavioral profiling by randomizing the rate at which characters reach the DOM.
Updated to reflect changes in the industry and ensure every type of input is protected.
Fixed lag caused by numerous textarea inputs on a given page.
Increased default “dwell” and “gap” times to 200ms.
Tested against BehavioSec 20/08/16 with a 0.02% (RED) result.
This is a proof-of-concept plugin, following research by two independent security professionals (Paul Moore & Per Thorsheim). See https://paul.reviews/behavioral-profiling-the-password-you-cant-change/ for more details.
This seems to work @ 300ms on Keytrack but they were able to get high confidence @ 200ms for me. The Experimental port on Mozilla Addons does not work at all for me however, any chance you can finally port this to Firefox, now that they have a decent WebExtension API?
No, as of 2017 Nov, all the “biometric” can over come this tiny trick with over 90% confidence. Even 1000 dwell/delay would not help at all.
I’ve been using this extension for quite a while, both in Firefox and Chrome. It’s great.
With the add-on disabled, converged on a green policy for the id; during testing of the trained id, needed to set add-on to 500 each dwell/delay to confuse the tested id to red reliably. Full training with the add-on enabled at 500 dwell/delay each still converged on a green id policy; also, it still recognized the id during testing with or without the add-on enabled at 500. Full training with add-on at 1000 each converged on a red policy during training, yellow policy during testing, yellow or red identification; during testing, did not matter with or without add-on
Unfortunately it seems the only thing that confuses the app is the add-on slowing down my slow connection/processor so much that it cannot get any timing data off the keyboard at all due to the latencies.
Man, I must be really easy to profile because I turned my settings up to 5000 for both gap and dwell and I am still consistently getting >97%. Actually, I’m not really sure if the plugin is actually doing anything because I don’t notice any kind of delay, even with these really high settings. Of course, if I consciously make myself type in an unusual fashion, I get < 10%, but then it's not the plugin, it's me.
On the plus side, the plug-in doesn't seem to be causing any determent to my online experience, so I don't want to be too harsh with my rating. I love the idea…
i like dit. tx
Would be much better with a url whitelist
Works like a charm also directly hits the page in way boosting my paging speed
me parece una exclente extención, pero si saben darle un buen uso 🙂
Worthy add-on towards ensuring a bit more anonymity in the world of billions of personal data points!
Works, however, the dwell and gap times should be random for each website instance
As the three one-star reviews note, yes, it does seem a bit wonky with the default settings. I upped mine to 100 dwell, 120 gap, and consistently get <50% accuracy on that site now. It works great; the default settings are just a bit too much within normal variation.
It seems that if you thinker with the global settings you get a lower %
Works just as intended! 🙂