Password entry usability and shoulder surfing susceptibility on different smartphone platforms

Authors:
Florian Schaub;Ruben Deyhle;Michael Weber
Affiliations:
Ulm University, Ulm, Germany;Ulm University, Ulm, Germany;Ulm University, Ulm, Germany
Venue:
Proceedings of the 11th International Conference on Mobile and Ubiquitous Multimedia
Year:
2012

Citing 24
Cited 5

IBM computer usability satisfaction questionnaires: psychometric evaluation and instructions for use

International Journal of Human-Computer Interaction
Password Memorability and Security: Empirical Results

IEEE Security and Privacy
A PIN-entry method resilient against shoulder surfing

Proceedings of the 11th ACM conference on Computer and communications security
Have the cake and eat it too - Infusing usability into text-password based authentication systems

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Spy-resistant keyboard: more secure password entry on public touch screen displays

OZCHI '05 Proceedings of the 17th Australia conference on Computer-Human Interaction: Citizens Online: Considerations for Today and the Future
A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords

SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Human selection of mnemonic phrase-based passwords

SOUPS '06 Proceedings of the second symposium on Usable privacy and security
The usability of passphrases for authentication: An empirical field study

International Journal of Human-Computer Studies
A large-scale study of web password habits

Proceedings of the 16th international conference on World Wide Web
S3PAS: A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme

AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 02
The design and analysis of graphical passwords

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Reducing shoulder-surfing by using gaze-based password entry

Proceedings of the 3rd symposium on Usable privacy and security
Undercover: authentication usable in front of prying eyes

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Memorability of persuasive passwords

CHI '08 Extended Abstracts on Human Factors in Computing Systems
Improving text passwords through persuasion

Proceedings of the 4th symposium on Usable privacy and security
Touch key design for target selection on a mobile phone

Proceedings of the 10th international conference on Human computer interaction with mobile devices and services
The performance of touch screen soft buttons

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
The true cost of unusable password policies: password use in the wild

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Multi-touch authentication on tabletops

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A closer look at recognition-based graphical passwords on mobile devices

Proceedings of the Sixth Symposium on Usable Privacy and Security
Of passwords and people: measuring the effect of password-composition policies

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Shoulder surfing defence for recall-based graphical passwords

Proceedings of the Seventh Symposium on Usable Privacy and Security
The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes

SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
User Study, Analysis, and Usable Security of Passwords Based on Digital Objects

IEEE Transactions on Information Forensics and Security - Part 2

MIBA: multitouch image-based authentication on smartphones

CHI '13 Extended Abstracts on Human Factors in Computing Systems
Improving user authentication on mobile devices: a touchscreen graphical password

Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services
Secure unlocking of mobile touch screen devices by simple gestures: you can see it but you can not do it

Proceedings of the 19th annual international conference on Mobile computing & networking
Exploring the design space of graphical passwords on smartphones

Proceedings of the Ninth Symposium on Usable Privacy and Security
Evaluation of the influence of contextual factors on the interactions with applications for smartphones

Proceedings of the 19th Brazilian symposium on Multimedia and the web

Quantified Score

Hi-index	0.00

Visualization

Abstract

Virtual keyboards of different smartphone platforms seem quite similar at first glance, but the transformation from a physical to a virtual keyboard on a small-scale display results in user experience variations that cause significant differences in usability as well as shoulder surfing susceptibility, i.e., the risk of a bystander observing what is being typed. In our work, we investigate the impact of both aspects on the security of text-based password entry on mobile devices. In a between subjects study with 80 participants, we analyzed usability and shoulder surfing susceptibility of password entry on different mobile platforms (iOS, Android, Windows Phone, Symbian, MeeGo). Our results show significant differences in the usability of password entry (required password entry time, typing accuracy) and susceptibility to shoulder surfing. Our results provide insights for security-aware design of on-screen keyboards and for password composition strategies tailored to entry on smartphones.