Time evolving graphical password for securing mobile devices

Authors:
Zhan Wang;Jiwu Jing;Liang Li
Affiliations:
Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China;Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China;Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China
Venue:
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Year:
2013

Citing 14
Cited 0

A Computational Approach to Edge Detection

IEEE Transactions on Pattern Analysis and Machine Intelligence
Photographic Authentication through Untrusted Terminals

IEEE Pervasive Computing
Passwords you'll never forget, but can't recall

CHI '04 Extended Abstracts on Human Factors in Computing Systems
Authentication using graphical passwords: effects of tolerance and image choice

SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems

International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Graphical Passwords: A Survey

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Modeling user choice in the PassPoints graphical password scheme

Proceedings of the 3rd symposium on Usable privacy and security
Do background images improve "draw a secret" graphical passwords?

Proceedings of the 14th ACM conference on Computer and communications security
Use Your Illusion: secure authentication usable anywhere

Proceedings of the 4th symposium on Usable privacy and security
Usable authentication and click-based graphical passwords

Usable authentication and click-based graphical passwords
Multiple password interference in text passwords and click-based graphical passwords

Proceedings of the 16th ACM conference on Computer and communications security
User interface design affects security: patterns in click-based graphical passwords

International Journal of Information Security
MARASIM: a novel jigsaw based authentication scheme using tagging

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Habits make smartphone use more pervasive

Personal and Ubiquitous Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Increasingly widespread use of mobile devices for processing monetary transactions and accessing business secrets has created a great demand on securing mobile devices. Poorly designed authentication mechanisms (e.g., screen lock and SIM card lock) on mobile devices either make users feel a hassle to lock the devices, or are vulnerable to attacks, such as shoulder surfing and smudge attack. In this paper, we propose a new login option for unlocking mobile devices called Time-Evolving Graphical Password (TEGP), which improves the strength of the password gradually over time by evolving the distortion degree of the images in the challenge portfolio without changing the pass images. By taking advantage of the extraordinary human ability to recall images, TEGP authenticates users by asking them to recognize the pass images which are transformed from the images uploaded by the user at registration. To achieve desired security and remain the usability, we present two metrics, Information Retention Rate (IRR) and Password Diversity Score (PDS), to advise the selection and distortion of the pass images and decoy images. Our experimental results show the memorability from the perspective of users, and the ability of TEGP to defend against various attacks.