A new graphical password scheme resistant to shoulder-surfing
Shoulder-surfing is a known risk where an attacker can capture a password by direct observation or by recording the authentication session. Due to the visual interface, this problem has become exacerbated in graphical passwords. There have been some graphical schemes resistant or immune to should...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Published: |
Institute of Electrical and Electronics Engineers
2010
|
| Online Access: | https://eprints.nottingham.ac.uk/1341/ |
| _version_ | 1848790589029482496 |
|---|---|
| author | Haichang, Gao Zhongjie, Ren Xiuling, Chang Xiyang, Liu Aickelin, Uwe |
| author_facet | Haichang, Gao Zhongjie, Ren Xiuling, Chang Xiyang, Liu Aickelin, Uwe |
| author_sort | Haichang, Gao |
| building | Nottingham Research Data Repository |
| collection | Online Access |
| description | Shoulder-surfing is a known risk where an attacker can capture a password by direct observation or by recording
the authentication session. Due to the visual interface, this problem has become exacerbated in graphical passwords.
There have been some graphical schemes resistant or immune
to shoulder-surfing, but they have significant usability
drawbacks, usually in the time and effort to log in. In this
paper, we propose and evaluate a new shoulder-surfing
resistant scheme which has a desirable usability for PDAs. Our inspiration comes from the drawing input method in DAS and the association mnemonics in Story for sequence retrieval. The new scheme requires users to draw a curve across their password images orderly rather than click directly on them.
The drawing input trick along with the complementary
measures, such as erasing the drawing trace, displaying
degraded images, and starting and ending with randomly
designated images provide a good resistance to shoulder-surfing.
A preliminary user study showed that users were able to enter their passwords accurately and to remember them over time. |
| first_indexed | 2025-11-14T18:15:01Z |
| format | Article |
| id | nottingham-1341 |
| institution | University of Nottingham Malaysia Campus |
| institution_category | Local University |
| last_indexed | 2025-11-14T18:15:01Z |
| publishDate | 2010 |
| publisher | Institute of Electrical and Electronics Engineers |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | nottingham-13412020-05-04T20:25:32Z https://eprints.nottingham.ac.uk/1341/ A new graphical password scheme resistant to shoulder-surfing Haichang, Gao Zhongjie, Ren Xiuling, Chang Xiyang, Liu Aickelin, Uwe Shoulder-surfing is a known risk where an attacker can capture a password by direct observation or by recording the authentication session. Due to the visual interface, this problem has become exacerbated in graphical passwords. There have been some graphical schemes resistant or immune to shoulder-surfing, but they have significant usability drawbacks, usually in the time and effort to log in. In this paper, we propose and evaluate a new shoulder-surfing resistant scheme which has a desirable usability for PDAs. Our inspiration comes from the drawing input method in DAS and the association mnemonics in Story for sequence retrieval. The new scheme requires users to draw a curve across their password images orderly rather than click directly on them. The drawing input trick along with the complementary measures, such as erasing the drawing trace, displaying degraded images, and starting and ending with randomly designated images provide a good resistance to shoulder-surfing. A preliminary user study showed that users were able to enter their passwords accurately and to remember them over time. Institute of Electrical and Electronics Engineers 2010 Article PeerReviewed Haichang, Gao, Zhongjie, Ren, Xiuling, Chang, Xiyang, Liu and Aickelin, Uwe (2010) A new graphical password scheme resistant to shoulder-surfing. International Conference on CyberWorlds, 2010 . (In Press) http://www.ieee.org/index.html |
| spellingShingle | Haichang, Gao Zhongjie, Ren Xiuling, Chang Xiyang, Liu Aickelin, Uwe A new graphical password scheme resistant to shoulder-surfing |
| title | A new graphical password scheme resistant to shoulder-surfing |
| title_full | A new graphical password scheme resistant to shoulder-surfing |
| title_fullStr | A new graphical password scheme resistant to shoulder-surfing |
| title_full_unstemmed | A new graphical password scheme resistant to shoulder-surfing |
| title_short | A new graphical password scheme resistant to shoulder-surfing |
| title_sort | new graphical password scheme resistant to shoulder-surfing |
| url | https://eprints.nottingham.ac.uk/1341/ https://eprints.nottingham.ac.uk/1341/ |