More Web Proxy on the site http://driver.im/

short-paper

Do You See What I See?: The Use of Visual Passwords for Authentication

Authors:

Marc J. Dupuis,

Michael McIntoshAuthors Info & Claims

SIGITE '20: Proceedings of the 21st Annual Conference on Information Technology Education

Pages 58 - 61

https://doi.org/10.1145/3368308.3415458

Published: 07 October 2020 Publication History

Abstract

A password is one of the oldest forms of authentication whose popularity has not waned. Passwords are easy to use, inexpensive to deploy, and are familiar by everyone. However, this comes with a cost. Passwords are easy to guess, difficult to remember when they are made complex and unique, and found everywhere on the Dark Web. The security usability paradox suggests that any improvements in security will result in a decrease in usability, and vice versa. In this paper, we examine the feasibility of a visual password system in which a traditional password is used, but with the additional capability of modifying the characters of the password to provide significantly higher levels of entropy.

References

[1]

Robert Biddle, Sonia Chiasson, and P.C. Van Oorschot. 2012. Graphical Passwords: Learning from the First Twelve Years. ACM Comput. Surv., Vol. 44, 4 (Sep 2012), 19:1--19:41. https://doi.org/10.1145/2333112.2333114

Digital Library

[2]

Ines Bramao, Alexandra Reis, Karl Petersson, and Luis Faisca. 2011. The role of color information on object recognition: A review and meta-analysis. Acta Psychologica 138 (Jun 2011), 244--253.

[3]

Marc Dupuis, Barbara Endicott-Popovsky, and Robert Crossler. 2013. An Analysis of the Use of Amazon's Mechanical Turk for Survey Research in the Cloud. In International Conference on Cloud Security Management.

[4]

Marc Dupuis, Tamara Geiger, Marshelle Slayton, and Frances Dewing. 2019. The Use and Non-Use of Cybersecurity Tools Among Consumers: Do TheyWant Help?. In Proceedings of The 20th Annual Conference on Information Technology Education (SIGITE '19). ACM. https://doi.org/10.1145/3349266.3351419

Digital Library

[5]

Marc Dupuis and Faisal Khan. 2018. Effects of peer feedback on password strength. In 2018 APWG Symposium on Electronic Crime Research (eCrime). IEEE, 1--9. https://doi.org/10.1109/ECRIME.2018.8376210

[6]

Andrew Elliot and Markus Maier. 2007. Color and Psychological Functioning. CURRENT DIRECTIONS IN PSYCHOLOGICAL SCIENCE, Vol. 16, 5 (Feb 2007), 250--254.

[7]

Jonathan Flombaum and Sarah Allred. 2014. Relating Color Working Memory and Color Perception. Trends in Cognitive Science, Vol. 18, 11 (2014), 562--565.

[8]

H. Gao, X. Liu, S. Wang, H. Liu, and R. Dai. 2009. Design and Analysis of a Graphical Password Scheme. In 2009 Fourth International Conference on Innovative Computing, Information and Control (ICICIC). 675--678. https://doi.org/10.1109/ICICIC.2009.158

Digital Library

[9]

Joseph Goldberg, Jennifer Hagman, and Vibha Sazawal. 2002. Doodling Our Way to Better Authentication. In CHI '02 Extended Abstracts on Human Factors in Computing Systems (CHI EA '02). ACM, 868--869. https://doi.org/10.1145/506443.506639

Digital Library

[10]

Anya Hurlbert and Yazhu Ling. 2007. Biological components of sex differences in color preference. Current Biology, Vol. 17, 16 (2007), R623--R625.

[11]

Zhi Li, Qibin Sun, Yong Lian, and D. D. Giusto. 2005. An Association-Based Graphical Password Design Resistant to Shoulder-Surfing Attack. In 2005 IEEE International Conference on Multimedia and Expo. 245--248. https://doi.org/10.1109/ICME.2005.1521406

[12]

P. L. Lin, L. T. Weng, and P. W. Huang. 2008. Graphical Passwords Using Images with Random Tracks of Geometric Shapes. In 2008 Congress on Image and Signal Processing, Vol. 3. 27--31. https://doi.org/10.1109/CISP.2008.603

[13]

Stephen Palmer and Karen Schloss. 2010. An Ecological Valence Theory of Human Color Preference. National Academy of Sciences, Vol. 107, 19 (2010), 8877--8882.

[14]

J. H. Saltzer and M. D. Schroeder. 1975. The protection of information in computer systems. Proc. IEEE, Vol. 63, 9 (Sep 1975), 1278--1308. https://doi.org/10.1109/PROC.1975.9939

[15]

David O. Sears. 1986. College sophomores in the laboratory: Influences of a narrow data base on social psychology?s view of human nature. Journal of Personality and Social Psychology, Vol. 51, 3 (1986), 515.

Cited By

Dupuis MBee JWright-Mockler A(2022)Virtual Cybersecurity Camps: Lessons LearnedProceedings of the 23rd Annual Conference on Information Technology Education10.1145/3537674.3555787(130-133)Online publication date: 21-Sep-2022
https://dl.acm.org/doi/10.1145/3537674.3555787
Dupuis MJennings ARenaud KLunt BHansen DMorrey P(2021)Scaring People is Not EnoughProceedings of the 22nd Annual Conference on Information Technology Education10.1145/3450329.3476862(35-40)Online publication date: 6-Oct-2021
https://dl.acm.org/doi/10.1145/3450329.3476862

Index Terms

Do You See What I See?: The Use of Visual Passwords for Authentication
1. Security and privacy
  1. Human and societal aspects of security and privacy
    1. Social aspects of security and privacy
    2. Usability in security and privacy
  2. Security services
    1. Authentication
      1. Graphical / visual passwords

Recommendations

Helping users create and remember more secure text passwords
BCS-HCI '08: Proceedings of the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction - Volume 2

This doctoral research aims to persuade users to choose and remember more secure text passwords. The first component involved user studies demonstrating that users can be persuaded to create more secure text passwords. Unfortunately, the stronger ...
EpisoDAS: DAS-based password generation using episodic memories
AVI '18: Proceedings of the 2018 International Conference on Advanced Visual Interfaces

We introduce a simple and powerful visual interaction technique for managing strong passwords. Passwords have been used for authentication for decades, but appropriate handling of passwords is difficult because people can easily forget passwords and ...
Cognition and Predictors of Password Selection and Usability
Augmented Cognition: Users and Contexts
Abstract
Computer passwords represent a secure authentication process used to access electronic information. Inconsequential of data storage location many of us utilize multiple unique computer passwords to access information on a daily basis. Since the ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGITE '20: Proceedings of the 21st Annual Conference on Information Technology Education

October 2020

446 pages

ISBN:9781450370455

DOI:10.1145/3368308

General Chairs:
Deepak Khazanchi
University of Nebraska at Omaha, USA
,
Harvey Siy,
Program Chairs:
George Grispos,
Tenace Kwaku Setor
University of Nebraska at Omaha, USA

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGITE: ACM Special Interest Group on Information Technology Education

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 October 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

SIGITE '20

Sponsor:

SIGITE

SIGITE '20: The 21st Annual Conference on Information Technology Education

October 7 - 9, 2020

Virtual Event, USA

Acceptance Rates

Overall Acceptance Rate 176 of 429 submissions, 41%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
86
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)1

Reflects downloads up to 16 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Dupuis MBee JWright-Mockler A(2022)Virtual Cybersecurity Camps: Lessons LearnedProceedings of the 23rd Annual Conference on Information Technology Education10.1145/3537674.3555787(130-133)Online publication date: 21-Sep-2022
https://dl.acm.org/doi/10.1145/3537674.3555787
Dupuis MJennings ARenaud KLunt BHansen DMorrey P(2021)Scaring People is Not EnoughProceedings of the 22nd Annual Conference on Information Technology Education10.1145/3450329.3476862(35-40)Online publication date: 6-Oct-2021
https://dl.acm.org/doi/10.1145/3450329.3476862

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents