Abstract
One common practice in relation to alphanumeric passwords is to write them down or share them with a trusted friend or colleague. Graphical password schemes often claim the advantage that they are significantly more secure with respect to both verbal disclosure and writing down. We investigated the reality of this claim in relation to the Passfaces graphical password scheme. By collecting a corpus of naturalistic descriptions of a set of 45 faces, we explored participants' ability to associate descriptions with faces across three conditions in which the decoy faces were selected: (1) at random; (2) on the basis of their visual similarity to the target face; and (3) on the basis of the similarity of the verbal descriptions of the decoy faces to the target face. Participants were found to perform significantly worse when presented with visual and verbally grouped decoys, suggesting that Passfaces can be further secured for description. Subtle differences in both the nature of male and female descriptions, and male and female performance were also observed.
Original language | English |
---|---|
Title of host publication | SOUPS 2008 - Proceedings of the 4th Symposium on Usable Privacy and Security |
Pages | 24-34 |
Number of pages | 11 |
DOIs | |
Publication status | Published - 1 Dec 2008 |
Externally published | Yes |
Event | 4th Symposium on Usable Privacy and Security, SOUPS 2008 - Pittsburgh, PA, United States of America Duration: 23 Jul 2008 → 25 Jul 2008 |
Conference
Conference | 4th Symposium on Usable Privacy and Security, SOUPS 2008 |
---|---|
Country/Territory | United States of America |
City | Pittsburgh, PA |
Period | 23/07/08 → 25/07/08 |
Keywords
- Description
- Graphical passwords
- Passfaces