Eye gesture blink password: a new authentication system with high memorable and maximum password length

  • Hananeh Salehifar
  • Peyman BayatEmail author
  • Mojtaba Amiri Majd


Authentication systems in which eye is used for entering the password are categorized into two gaze-based and gesture-based groups. In the accurate point-of-regard gaze measurements, a key subject with gaze-based authentication schemes is needed. Gesture-based systems are based on identifying the eye movement tracking, hence, there is no need to estimate the precise point of the user’s vision. Although gesture-based systems are superior to gaze-based methods, they are not appropriate and applicable in remembering the equivalent gesture of any suitable number due to the high memory overhead. This paper introduces the new Eye Gesture Blink Password authentication system (EGBP). The system is based on four basic ideas: system design, the algorithm of finding fixations without having to track pupils in all frames, allowing users to blink as part of the password and the new method of finding the user password using the angle formed between the fixations. EGBP has several basic advantages compared to existing authentication systems including the no need for a commercial eye tracker that lowers the system’s cost, removing the calibration step that increases the speed and requires less processing, and choosing a maximum length code that reduces the likelihood of the likeness of the selected password and increases security. The possibility of simply memorizing the password because of the possibility of blinking and user’s high-speed input is another advantage of this system.


Authentication system Eye gesture Viterbi algorithm Password detection 



  1. 1.
    Ashbourn J (2000) Biometrics. Advanced IdentityVerification. Springer Verlag, LondonGoogle Scholar
  2. 2.
    Bednarik R, Kinnunen T, Mihaila A, Fränti P (2005) Eye-movements as a biometric. In: Kalviainen H, Parkkinen J, Kaarna A (eds) SCIA. LNCS, vol 3540. Springer, Heidelberg, pp 780–789Google Scholar
  3. 3.
    Biddle R, Chiasson S, and van Oorschot, PC (2009) Graphical passwords: learning from the first generation. Technical Report TR-09-09, School of Computer Science, Carleton UniversityGoogle Scholar
  4. 4.
    Bulling A, Alt F, Schmidt A (2012) Increasing the security of gaze-based cued-recall graphical passwords using saliency masks, CHI’12, May 5–10, Austin, Texas, USA. Copyright 2012 ACM 978–1–4503-1015-4/12/05...$10.00Google Scholar
  5. 5.
    Chiasson S, van Oorschot PC, Biddle R (2007) Graphical password authentication using cued click points. ESORICS, LNCS 4734:359–374Google Scholar
  6. 6.
    Chiasson S, Srinivasan J, Biddle R, and van Oorschot PC (2008) Centered discretization with application to graphical passwords. In Usability, Psychology, and Security (UPSEC). USENIXGoogle Scholar
  7. 7.
    Coventry L, De Angeli A, and Johnson G (2003) Usability and biometric verification at the ATM interface. In: Proceedings of CHI '03, Fort Lauderdale, Florida, USA, April 5–10Google Scholar
  8. 8.
    Cowan N (2009) What are the differences between long-term, short-term, and working memory? Prog Brain Res 169:323–338Google Scholar
  9. 9.
    Dagnes N, Vezzetti E, Marcolin F, and Tornincasa S (2018) Occlusion detection and restoration techniques for 3D face recognition: a literature review. Mach Vis Appl 29(5):789–813Google Scholar
  10. 10.
    Dagnes N et al (2018) What is the best set of markers for facial movements recognition? Ann Phys Rehabil Med 61:e455–e456CrossRefGoogle Scholar
  11. 11.
    De Luca A, Weiss R, and Drewes H (2007) Evaluation of eye-gaze interaction methods for security enhanced pin-entry. In Proceedings of the 19th Australasian Conference on Computer-Human Interaction, 199–202Google Scholar
  12. 12.
    De Luca A, Weiss R, Hußmann H (2007) PassShape – Stroke based shape passwords. In: Proceedings of OZCHI 2007, Adelaide, Australia, 28–30.11.2007Google Scholar
  13. 13.
    De Luca A, Weiss R, Hussmann H, An X (2008) Eyepass - eye-stroke authentication for public terminals, CHI '08 Extended Abstracts on Human Factors in Computing Systems, Florence, Italy, Pages 3003–3008, April 05–10Google Scholar
  14. 14.
    De Luca A, Denzel M, and Hussmann H (2009) Look into my eyes! Can you guess my password? In Proceedings of the 5th Symposium on Usable Privacy and SecurityGoogle Scholar
  15. 15.
    Duchowski AT (2017) Eye movement analysis, eye tracking methodology, Springer International Publishing,
  16. 16.
    Dunphy P, Fitch A, and Olivier P (2008) Gaze-contingent passwords at the ATM. In COGAINGoogle Scholar
  17. 17.
    Forge A, Chiasson S, Biddle R (2010) Input precision for gaze-based graphical passwords, copyright is held by the author/owner(s). CHI 2010, April 10–15, Atlanta, Georgia, USA ACM 978–1–60558-930-5/10/04Google Scholar
  18. 18.
    Forget SC, Biddle R (2010) Shoulder-surfing resistance with eye-gaze entry in click-based graphical passwords. In: SIGCHI Conference on Human Factors in Computing Systems (CHI). ACMGoogle Scholar
  19. 19.
    Hoanca B, Mock K (2006) Secure graphical password system for high traffic public areas. In: Proceedings of ETRA - Eye Tracking Research and Applications Symposium. San Diego, California, USA: ACM Press. pp. 35Google Scholar
  20. 20.
    Khamis M, Alt F, Hassib M, von Zezschwitz E (2016) Gazetouchpass: Multimodal authentication using gaze and touch on mobile devices. Proceedings of the 34th Annual ACM Conference Extended Abstracts on Human Factors in Computing Systems, Pages 2156–2164Google Scholar
  21. 21.
    Kumar M, Garfinkel T, Boneh D, and Winograd T (2007) Reducing shoulder-surfing by using gaze-based password entry. In SOUPS. ACMGoogle Scholar
  22. 22.
    Lou HL (1995) Implementing the Viterbi Algorithm. IEEE Signal Processing MagazineGoogle Scholar
  23. 23.
    Maeder A, Fookes C, and Sridharan S (2004) Gaze based user authentication for personal computer applications. In: Proceedings of International Symposium on Intelligent Multimedia, Video and Speech Processing. Hong Kong: IEEE. pp. 727–30Google Scholar
  24. 24.
    PassFaces: patented technology that uses the brain's natural power to recognize familiar faces. PassFaces Corporation. Accessed 5 Apr 2006
  25. 25.
    Šŕamek R (2007) The on-line Viterbi algorithm, Master’s Thesis, Department of Computer Science Faculty of Mathematics, Physics and Informatics Comenius University, BratislavaGoogle Scholar
  26. 26.
    Suo X, Zhu Y, and Owen G (2005) Graphical passwords: a survey. In ACSAC. IEEEGoogle Scholar
  27. 27.
    Viola P, Jones M (2001) Rapid object detection using a boosted cascade of simple features. In Proc. CVPR, I–511–I–518Google Scholar
  28. 28.
    Wan M, Yang G, Gai S et al (2014) Feature extraction using two-dimensional maximum embedding difference. Inf Sci 274:55–69CrossRefGoogle Scholar
  29. 29.
    Wan M, Yang G, Gai S et al (2017) Two- dimensional discriminant locality preserving projections (2DDLPP) and its application to feature extraction via fuzzy set. Multimed Tools Appl 76:355–371CrossRefGoogle Scholar
  30. 30.
    Wan M, Yang G et al (2017) Local graph embedding based on maximum margin criterion via fuzzy set. Fuzzy Sets Syst 318:120–131MathSciNetCrossRefGoogle Scholar
  31. 31.
    Weaver J, Mock K, Hoanca B (2011) Gaze-based password authentication through automatic clustering of gaze points. IEEE International Conference on Systems, Man, and Cybernetics (SMC), Pages 2749–2754Google Scholar
  32. 32.
    Wiedenbeck S, Waters J, Birget J, Brodskiy A, Memon N (2005) PassPoints: design and longitudinal evaluation of a graphical password system. Int J Hum Comput Stud 63(1–2):102–127CrossRefGoogle Scholar
  33. 33.
    Wobbrock JO, Myers BA, Kembel JA (2003) Edgewrite: a stylus-based text entry method designed for high accuracy and stability of motion. In UIST '03: Proceedings of the 16th annual ACM symposium on User interface software and technology, pages 61{70, New YorkGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  • Hananeh Salehifar
    • 1
  • Peyman Bayat
    • 1
    Email author
  • Mojtaba Amiri Majd
    • 2
  1. 1.Department of Computer Engineering, Rasht BranchIslamic Azad UniversityRashtIran
  2. 2.Department of Psychology, Abhar BranchIslamic Azad UniversityAbharIran

Personalised recommendations