Graphical passwords & qualitative spatial relations

Di Lin, Paul Dunphy, Patrick Olivier, Jeff Yan

    Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

    40 Citations (Scopus)


    A potential drawback of graphical password schemes is that they are more vulnerable to shoulder surfing than conventional alphanumeric text passwords. We present a variation of the Drawa-Secret scheme originally proposed by Jermyn et al [1] that is more resistant to shoulder surfing through the use of a qualitative mapping between user strokes and the password, and the use of dynamic grids to both obfuscate attributes of the user secret and encourage them to use different surface realizations of the secret. The use of qualitative spatial relations relaxes the tight constraints on the reconstruction of a secret; allowing a range of deviations from the original. We describe QDAS (Qualitative Draw-ASecret), an initial implementation of this graphical password scheme, and the results of an empirical study in which we examined the memorability of secrets, and their susceptibility to shoulder-surfing attacks, for both Draw-A-Secret and QDAS.

    Original languageEnglish
    Title of host publicationSOUPS 2007
    Subtitle of host publicationProceedings of the Third Symposium On Usable Privacy and Security
    Number of pages2
    Publication statusPublished - 14 Dec 2007
    EventSOUPS 2007: 3rd Symposium On Usable Privacy and Security - Pittsburgh, United States of America
    Duration: 18 Jul 200720 Jul 2007


    ConferenceSOUPS 2007: 3rd Symposium On Usable Privacy and Security
    CountryUnited States of America

    Cite this