The Pattern-richness of Graphical Passwords

被引：0

作者：

Vorster, Johannes S. ^{[1
,2
]}

van Heerden, Renier P. ^{[3
,4
]}

Irwin, Barry ^{[1
]}

机构：

[1] Rhodes Univ, Grahamstown, South Africa

[2] Barclays Africa, Johannesburg, South Africa

[3] CSIR, Stellenbosch, Western Cape, South Africa

[4] Nelson Mandela Metropolitan Univ, Port Elizabeth, South Africa

来源：

2016 INFORMATION SECURITY FOR SOUTH AFRICA - PROCEEDINGS OF THE 2016 ISSA CONFERENCE | 2016年

关键词：

Information security; graphical passwords; password patterns; user authentication; user study;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Conventional (text-based) passwords have shown patterns such as variations on the username, or known passwords such as "password", "admin" or "12345". Patterns may similarly be detected in the use of Graphical passwords (GPs). The most significant such pattern - reported by many researchers - is hotspot clustering. This paper qualitatively analyses more than 200 graphical passwords for patterns other than the classically reported hotspots. The qualitative analysis finds that a significant percentage of passwords fall into a small set of patterns; patterns that can be used to form attack models against GPs. In counter action, these patterns can also be used to educate users so that future password selection is more secure. It is the hope that the outcome from this research will lead to improved behaviour and an enhancement in graphical password security.

引用

页码：69 / 76

页数：8

共 50 条

[1] Graphical Passwords - A Discussion
Kayem, Anne V. D. M.
[J]. IEEE 30TH INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS WORKSHOPS (WAINA 2016), 2016, : 596 - 600
[2] Graphical passwords: A survey
Suo, XY
Zhu, Y
Owen, GS
[J]. 21ST ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 2005, : 419 - 428
[3] Graphical dictionaries and the memorable space of graphical passwords
Thorpe, J
van Oorschot, PC
[J]. USENIX ASSOCIATION PROCEEDINGS OF THE 13TH USENIX SECURITY SYMPOSIUM, 2004, : 135 - 150
[4] The design and analysis of graphical passwords
Jermyn, I
Mayer, A
Monrose, F
Reiter, MK
Rubin, AD
[J]. USENIX ASSOCIATION PROCEEDINGS OF THE EIGHTH USENIX SECURITY SYMPOSIUM (SECURITY '99), 1999, : 1 - 14
[5] The Presentation Effect on Graphical Passwords
Thorpe, Julie
Al-Badawi, Muath
MacRae, Brent
Salehi-Abari, Amirali
[J]. 32ND ANNUAL ACM CONFERENCE ON HUMAN FACTORS IN COMPUTING SYSTEMS (CHI 2014), 2014, : 2947 - 2950
[6] Eye Tracking Graphical Passwords
Mihajlov, Martin
Jerman-Blazic, Borka
[J]. ADVANCES IN HUMAN FACTORS IN CYBERSECURITY, 2018, 593 : 37 - 44
[7] Are Graphical Authentication Mechanisms As Strong As Passwords?
Renaud, Karen
Mayer, Peter
Volkamer, Melanie
Maguire, Joseph
[J]. 2013 FEDERATED CONFERENCE ON COMPUTER SCIENCE AND INFORMATION SYSTEMS (FEDCSIS), 2013, : 837 - 844
[8] Multiple password interference in graphical passwords
Software Engineering Institute, Xidian University, Xi'an, Shaanxi 710071, China
[J]. Int. J. Inf. Comput. Secur., 2012, 1 (11-27):
[9] Graphical passwords: Behind the attainment of goals
Vaddeti, Ankitha
Vidiyala, Deepthi
Puritipati, Vineetha
Ponnuru, Raveendra Babu
Shin, Ji Sun
Alavalapati, Goutham Reddy
[J]. SECURITY AND PRIVACY, 2020, 3 (06):
[10] Graphical passwords based on robust discretization
Birget, Jean-Camille
Hong, Dawei
Memon, Nasir
[J]. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2006, 1 (03) : 395 - 399

← 1 2 3 4 5 →