Multi-touch authentication on tabletops

David Kim, Paul Dunphy, Pam Briggs, Jonathan Hook, John Nicholson, James Nicholson, Patrick Olivier

    Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

    78 Citations (Scopus)

    Abstract

    The introduction of tabletop interfaces has given rise to the need for the development of secure and usable authentication techniques that are appropriate for the co-located collaborative settings for which they have been designed. Most commonly, user authentication is based on something you know, but this is a particular problem for tabletop interfaces, as they are particularly vulnerable to shoulder surfing given their remit to foster co-located collaboration. In other words, tabletop users would typically authenticate in full view of a number of observers. In this paper, we introduce and evaluate a number of novel tabletop authentication schemes that exploit the features of multi-touch interaction in order to inhibit shoulder surfing. In our pilot work with users, and in our formal user-evaluation, one authentication scheme - Pressure-Grid - stood out, significantly enhancing shoulder surfing resistance when participants used it to enter both PINs and graphical passwords.

    Original languageEnglish
    Title of host publicationCHI 2010 - The 28th Annual CHI Conference on Human Factors in Computing Systems, Conference Proceedings
    Pages1093-1102
    Number of pages10
    Volume2
    DOIs
    Publication statusPublished - 1 Jul 2010
    EventInternational Conference on Human Factors in Computing Systems 2010 - Atlanta, United States of America
    Duration: 10 Apr 201015 Apr 2010
    Conference number: 28th
    http://www.chi2010.org/

    Conference

    ConferenceInternational Conference on Human Factors in Computing Systems 2010
    Abbreviated titleCHI 2010
    CountryUnited States of America
    CityAtlanta
    Period10/04/1015/04/10
    Internet address

    Keywords

    • graphical passwords
    • multi-touch interaction
    • shoulder surfing
    • user authentication

    Cite this