The Java-based method employs CAPTCHAs as the vehicle to store the complex halves of passwords, says a team led by researchers at the Max Planck Institute for Physics in Dresden, Germany, in their paper "The weak password problem: chaos, criticality, and encrypted p-CAPTCHAs."
DEEP DIVE: 15 genius algorithms that aren't boring
These CAPTCHA images are encrypted using the simple half of the password in combination with a class of mathematical algorithm known as chaotic lattices, says Konstantin Kladko, one of the paper's authors, who works at Axioma Research in Palo Alto, Calif.
To retrieve the complex half of the password, users enter the easy-to-recall password fragment and the algorithm decrypts the CAPTCHA. Users copy the password from the CAPTCHA to decrypt protected files, Kladko says.
He says his team expects that within a month or so it will set up a Web page where users can download a Java applet that performs the encryption and decryption.