A PIN-entry method resilient against shoulder surfing
Proceedings of the 11th ACM conference on Computer and communications security
Cognitive Authentication Schemes Safe Against Spyware (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Design and evaluation of a shoulder-surfing resistant graphical password scheme
Proceedings of the working conference on Advanced visual interfaces
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
S3PAS: A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme
AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 02
Déjà Vu: a user study using images for authentication
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
ColorPIN: securing PIN entry through indirect input
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
The phone lock: audio and haptic shoulder-surfing resistant PIN entry methods for mobile devices
Proceedings of the fifth international conference on Tangible, embedded, and embodied interaction
Cryptanalysis of the convex hull click human identification protocol
ISC'10 Proceedings of the 13th international conference on Information security
Hi-index | 0.00 |
Shoulder-surfing is a well-known technique to steal passwords by observing authentication sessions. While researchers have proposed many shoulder-surfing resistant password schemes, there is no general model to illustrate existing schemes and to help developing new schemes. In this paper, we introduce a graph-based model that generally describes shoulder-surfing resistant password schemes. Using this model, we present a method for analyzing some particular security threats and show some properties of, and relationship between certain security measures. Applying our proposed model to existing password systems, we demonstrate how the model can help analyze password schemes. We also discuss the usefulness of our model in designing a new password schemes.