Abstract
To enhance graphical passwords, we have developed a system of click-draw based graphical password scheme (named CD-GPS) that combined current graphical password techniques and evaluated its performance with human users. In real settings, we identify that the effect of tolerance is a key factor affecting the usability of our scheme, however, we have not explored its specific effect in our previous work. In this paper, we therefore conduct a user study to investigate the effect of tolerance on creating and confirming the click-draw based graphical passwords. In particular, we conduct two experiments with totally 60 participants in the user study. The results show that accurate memory and reproduction for the CD-GPS scheme can be significantly reduced when the tolerance is greatly decreased (e.g., 12×12 pixels). In the end, we further discuss how to select an appropriate tolerance for the scheme of CD-GPS in real deployment.
Chapter PDF
Similar content being viewed by others
References
Brown, A.S., Bracken, E., Zoccoli, S., Douglas, K.: Generating and Remembering Passwords. Applied Cognitive Psychology 18, 641–651 (2004)
Yan, J., Blackwell, A., Anderson, R., Grant, A.: Password Memorability and Security: Empirical Results. IEEE Security and Privacy Magazine 2(5), 25–31 (2004)
Klein, D.: Foiling the Cracker; A Survey of, and Improvements to Unix Password Security. In: Proceedings of the USENIX Security Workshop, pp. 83–86 (1990)
Shepard, R.N.: Recognition Memory for Words, Sentences, and Pictures. Journal of Verbal Learning and Verbal Behavior 6, 156–163 (1967)
De Angeli, A., Coventry, L., Johnson, G., Renaud, K.: Is a Picutre Really Worth a Thousand Words? Reflecting on the Usability of Graphcial Authentication Systems. International Journal of Human Computer Studeies 63(2), 128–152 (2005)
Nelson, D.L., Reed, U.S., Walling, J.R.: Picture Superiority Effect. Journal of Experimental Psychology: Human Learning and Memory 3, 485–497 (1977)
Gołofit, K.: Click Passwords Under Investigation. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 343–358. Springer, Heidelberg (2007)
Paivio, A., Rogers, T.B., Smythe, P.C.: Why are Pictures Easier to Recall than Words? Psychonomic Science 11(4), 137–138 (1976)
Blonder, G.E.: Graphical Passwords. United States Paten 5559961 (1996)
Meng, Y.: Designing Click-Draw based Graphical Password Scheme for Better Authentication. In: Proceedings of 7th IEEE International Conference on Networking, Architecture, and Storage (NAS 2012), pp. 39–48 (2012)
Wiedenbeck, S., Waters, J., Birget, J.C., Brodskiy, A., Memon, N.: PassPoints: Design and Longitudinal Evaluation of a Graphical Password System. International Journal of Human- Computer Studies 63, 102–127 (2005)
Davis, D., Monrose, F., Reiter, M.K.: On User Choice in Graphical Password Schemes. In: Proceedings of USENIX Security Symposium, pp. 151–164. USENIX Association, Berkeley (2004)
Passfaces (accessed by May 20, 2012), http://www.realuser.com/
Nali, D., Thorpe, J.: Analyzing User Choice in Graphical Passwords. Technical Report. Careton University (2004)
Jali, M., Furnell, S., Dowland, P.: Quantifying the Effect of Graphical Password Guidelines for Better Security. In: Camenisch, J., Fischer-Hübner, S., Murayama, Y., Portmann, A., Rieder, C. (eds.) SEC 2011. IFIP AICT, vol. 354, pp. 80–91. Springer, Heidelberg (2011)
Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The Design and Analysis of Graphical Passwords. In: Proceedings of USENIX Security Symposium, pp. 1–14. USENIX Association, Berkeley (1999)
Thorpe, J., van Oorschot, P.C.: Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords. In: Proceedings of 16th USENIX Security Symposium, pp. 1–16. USENIX Association, Berkeley (2007)
Wiedenbeck, S., Birget, J.C., Brodskiy, A., Memon, N.: Authentication using Graphical Passwords: Effects of Tolerance and Image Choice. In: Proceedings of Symposium on Usability Privacy and Security (SOUPS), pp. 1–12 (2005)
Dirik, A.E., Memon, N., Birget, J.C.: Modelling User Choice in the Passpoints Graphical Password Scheme. In: Proceedings of Symposium on Usability Privacy and Security (SOUPS), pp. 20–28 (2007)
Dunphy, P., Yan, J.: Do Background Images Improve “Draw A Secret” Graphical Passwords? In: Proceedings of ACM Conference on Computer and Communiation Security (CCS), pp. 36–47 (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Meng, Y., Li, W. (2012). Evaluating the Effect of Tolerance on Click-Draw Based Graphical Password Scheme. In: Chim, T.W., Yuen, T.H. (eds) Information and Communications Security. ICICS 2012. Lecture Notes in Computer Science, vol 7618. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34129-8_32
Download citation
DOI: https://doi.org/10.1007/978-3-642-34129-8_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34128-1
Online ISBN: 978-3-642-34129-8
eBook Packages: Computer ScienceComputer Science (R0)