ReportDOI
Picture Password: A Visual Login Technique for Mobile Devices
Reads0
Chats0
TLDR
Picture Password is described, a general-purpose mechanism for authenticating a user to a PDA using a visual login technique called Picture Password, which overcome a number of problems with knowledge-based authentication for handheld devices.Abstract:
Adequate user authentication is a persistent problem, particularly with handheld devices such as Personal Digital Assistants (PDAs), which tend to be highly personal and at the fringes of an organization's influence. Yet, these devices are being used increasingly in corporate settings where they pose a security risk, not only by containing sensitive information, but also by providing the means to access such information over wireless network interfaces. User authentication is the first line of defense for a lost or stolen PDA. However, motivating users to enable simple PIN or password mechanisms and periodically update their authentication information is a constant struggle. This paper describes a general-purpose mechanism for authenticating a user to a PDA using a visual login technique called Picture Password. The underlying rationale is that image recall is an easy and natural way for users to authenticate, removing a serious barrier to compliance with organizational policy. Features of Picture Password include style dependent image selection, password reuse, and embedded salting, which overcome a number of problems with knowledge-based authentication for handheld devices. Though designed specifically for handheld devices, Picture Password is also suitable for notebooks, workstations, and other computational devices.read more
Citations
More filters
Proceedings ArticleDOI
Graphical passwords: a survey
Xiaoyuan Suo,Ying Zhu,G.S. Owen +2 more
TL;DR: This survey tries to answer two important questions: "Are graphical passwords as secure as text-based passwords?" and "What are the major design and implementation issues for graphical passwords?"
Proceedings Article
On user choice in graphical password schemes
TL;DR: It is shown that permitting user selection of passwords in two graphical password schemes can yield passwords with entropy far below the theoretical optimum and, in some cases, that are highly correlated with the race or gender of the user.
Journal ArticleDOI
Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems
TL;DR: Results demonstrate that pictures can be a solution to some problems relating to traditional knowledge-based authentication but that they are not a simple panacea, since a poor design can eliminate the picture superiority effect in memory.
Proceedings Article
Human-seeded attacks and exploiting hot-spots in graphical passwords
Julie Thorpe,P. C. van Oorschot +1 more
TL;DR: The results suggest that these graphical password schemes appear to be at least as susceptible to offline attack as the traditional text passwords they were proposed to replace.
Journal Article
Pass-Go: A Proposal to Improve the Usability of Graphical Passwords
Hai Tao,Carlisle Adams +1 more
TL;DR: A new graphical password scheme, Pass-Go, in which a user selects intersections on a grid as a way to input a password, which supports most application environments and input devices, and can be used to derive cryptographic keys.
References
More filters
Journal ArticleDOI
Password security: a case history
Robert Morris,Ken Thompson +1 more
TL;DR: The present design of the password security scheme was the result of countering observed attempts to penetrate the system and is a compromise between extreme security and ease of use.
Proceedings Article
Déjà Vu: a user study using images for authentication
Rachna Dhamija,Adrian Perrig +1 more
TL;DR: Deja Vu is a recognition-based authentication system, which authenticates a user through her ability to recognize previously seen images, which is more reliable and easier to use than traditional recall-based schemes, which require the user to precisely recall passwords or PINs.
Proceedings Article
The design and analysis of graphical passwords
TL;DR: This work proposes and evaluates new graphical password schemes that exploit features of graphical input displays to achieve better security than text-based passwords and describes the prototype implementation of one of the schemes on a personal digital assistants (PDAs) namely the Palm PilotTM.
Journal Article
Foiling the cracker: A survey of, and improvements to, password security
TL;DR: Some of the problems of current password security are outlined by demonstrating the ease by which individual accounts may be broken, and one solution to this point of system vulnerability, a proactive password checker is proposed.
Journal ArticleDOI
Refereed articles: OPUS: Preventing weak password choices
TL;DR: This paper describes a space-efficient method of storing a dictionary of words that are not allowed as password choices, and has other interesting features, a few of which are describe here.