Graphical passwords & qualitative spatial relations

Di Lin; Paul Dunphy; Patrick Olivier; Jeff Yan

doi:10.1145/1280680.1280708

Graphical passwords & qualitative spatial relations

Di Lin, Paul Dunphy, Patrick Olivier, Jeff Yan

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

40 Citations (Scopus)

Abstract

A potential drawback of graphical password schemes is that they are more vulnerable to shoulder surfing than conventional alphanumeric text passwords. We present a variation of the Drawa-Secret scheme originally proposed by Jermyn et al [1] that is more resistant to shoulder surfing through the use of a qualitative mapping between user strokes and the password, and the use of dynamic grids to both obfuscate attributes of the user secret and encourage them to use different surface realizations of the secret. The use of qualitative spatial relations relaxes the tight constraints on the reconstruction of a secret; allowing a range of deviations from the original. We describe QDAS (Qualitative Draw-ASecret), an initial implementation of this graphical password scheme, and the results of an empirical study in which we examined the memorability of secrets, and their susceptibility to shoulder-surfing attacks, for both Draw-A-Secret and QDAS.

Original language	English
Title of host publication	SOUPS 2007
Subtitle of host publication	Proceedings of the Third Symposium On Usable Privacy and Security
Pages	161-162
Number of pages	2
Volume	229
DOIs	https://doi.org/10.1145/1280680.1280708
Publication status	Published - 14 Dec 2007
Event	SOUPS 2007: 3rd Symposium On Usable Privacy and Security - Pittsburgh, United States of America Duration: 18 Jul 2007 → 20 Jul 2007

Conference

Conference	SOUPS 2007: 3rd Symposium On Usable Privacy and Security
Country	United States of America
City	Pittsburgh
Period	18/07/07 → 20/07/07

Access to Document

10.1145/1280680.1280708

Link to publication in Scopus

Cite this

@inproceedings{ada507d222054766bfb8e9cb3612031d,

title = "Graphical passwords & qualitative spatial relations",

abstract = "A potential drawback of graphical password schemes is that they are more vulnerable to shoulder surfing than conventional alphanumeric text passwords. We present a variation of the Drawa-Secret scheme originally proposed by Jermyn et al [1] that is more resistant to shoulder surfing through the use of a qualitative mapping between user strokes and the password, and the use of dynamic grids to both obfuscate attributes of the user secret and encourage them to use different surface realizations of the secret. The use of qualitative spatial relations relaxes the tight constraints on the reconstruction of a secret; allowing a range of deviations from the original. We describe QDAS (Qualitative Draw-ASecret), an initial implementation of this graphical password scheme, and the results of an empirical study in which we examined the memorability of secrets, and their susceptibility to shoulder-surfing attacks, for both Draw-A-Secret and QDAS.",

author = "Di Lin and Paul Dunphy and Patrick Olivier and Jeff Yan",

year = "2007",

month = dec,

day = "14",

doi = "10.1145/1280680.1280708",

language = "English",

isbn = "159593801X",

volume = "229",

pages = "161--162",

booktitle = "SOUPS 2007",

note = "SOUPS 2007: 3rd Symposium On Usable Privacy and Security ; Conference date: 18-07-2007 Through 20-07-2007",

}

TY - GEN

T1 - Graphical passwords & qualitative spatial relations

AU - Lin, Di

AU - Dunphy, Paul

AU - Olivier, Patrick

AU - Yan, Jeff

PY - 2007/12/14

Y1 - 2007/12/14

N2 - A potential drawback of graphical password schemes is that they are more vulnerable to shoulder surfing than conventional alphanumeric text passwords. We present a variation of the Drawa-Secret scheme originally proposed by Jermyn et al [1] that is more resistant to shoulder surfing through the use of a qualitative mapping between user strokes and the password, and the use of dynamic grids to both obfuscate attributes of the user secret and encourage them to use different surface realizations of the secret. The use of qualitative spatial relations relaxes the tight constraints on the reconstruction of a secret; allowing a range of deviations from the original. We describe QDAS (Qualitative Draw-ASecret), an initial implementation of this graphical password scheme, and the results of an empirical study in which we examined the memorability of secrets, and their susceptibility to shoulder-surfing attacks, for both Draw-A-Secret and QDAS.

AB - A potential drawback of graphical password schemes is that they are more vulnerable to shoulder surfing than conventional alphanumeric text passwords. We present a variation of the Drawa-Secret scheme originally proposed by Jermyn et al [1] that is more resistant to shoulder surfing through the use of a qualitative mapping between user strokes and the password, and the use of dynamic grids to both obfuscate attributes of the user secret and encourage them to use different surface realizations of the secret. The use of qualitative spatial relations relaxes the tight constraints on the reconstruction of a secret; allowing a range of deviations from the original. We describe QDAS (Qualitative Draw-ASecret), an initial implementation of this graphical password scheme, and the results of an empirical study in which we examined the memorability of secrets, and their susceptibility to shoulder-surfing attacks, for both Draw-A-Secret and QDAS.

UR - http://www.scopus.com/inward/record.url?scp=36849043095&partnerID=8YFLogxK

U2 - 10.1145/1280680.1280708

DO - 10.1145/1280680.1280708

M3 - Conference Paper

AN - SCOPUS:36849043095

SN - 159593801X

SN - 9781595938015

VL - 229

SP - 161

EP - 162

BT - SOUPS 2007

T2 - SOUPS 2007: 3rd Symposium On Usable Privacy and Security

Y2 - 18 July 2007 through 20 July 2007

ER -