Swipe Authentication: Exploring Over-the-Shoulder Attack Performance

  • Ashley A. Cain
  • Liya Chiu
  • Felicia Santiago
  • Jeremiah D. Still
Conference paper

DOI: 10.1007/978-3-319-41932-9_27

Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 501)
Cite this paper as:
Cain A.A., Chiu L., Santiago F., Still J.D. (2016) Swipe Authentication: Exploring Over-the-Shoulder Attack Performance. In: Nicholson D. (eds) Advances in Human Factors in Cybersecurity. Advances in Intelligent Systems and Computing, vol 501. Springer, Cham

Abstract

Swipe passwords are a popular method for authenticating on mobile phones. In public, these passwords may become visible to attackers who engage in shoulder surfing. There is a need for strategies that protect swipe passwords from over-the-shoulder attacks (OSAs). We empirically explored the impact of providing gesture visual feedback on OSA performance during successful and unsuccessful swipe login attempts on mobile phones. We found evidence that entry visual feedback facilitates OSAs. As users are biased towards symmetrical swipe patterns, we investigated their impact on attack performance. We found that symmetrical swipe patterns were less vulnerable than asymmetrical patterns, possibly due to the speed of entry. As users tend toward simple patterns, we investigated the impact that nonadjacent, diagonal knight moves have on OSAs. We found that knight moves significantly decreased OSA performance. We recommend users turn off gesture entry visual feedback and use knight moves for greater password security.

Keywords

Swipe passwords Gesture-based passwords Over-the-shoulder attack 

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Ashley A. Cain
    • 1
  • Liya Chiu
    • 2
  • Felicia Santiago
    • 2
  • Jeremiah D. Still
    • 1
  1. 1.Department of PsychologyOld Dominion UniversityNorfolkUSA
  2. 2.Department of PsychologySan Jose State UniversitySan JoseUSA

Personalised recommendations