Communications of the ACM
Password security: a case history
Communications of the ACM
Hash visualization in user authentication
CHI '00 Extended Abstracts on Human Factors in Computing Systems
UNIX Password Security - Ten Years Later
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
The domino effect of password reuse
Communications of the ACM - Human-computer etiquette
A PIN-entry method resilient against shoulder surfing
Proceedings of the 11th ACM conference on Computer and communications security
PassPoints: design and longitudinal evaluation of a graphical password system
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Déjà Vu: a user study using images for authentication
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
On user choice in graphical password schemes
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
VIP: a visual approach to user authentication
Proceedings of the Working Conference on Advanced Visual Interfaces
Reducing shoulder-surfing by using gaze-based password entry
Proceedings of the 3rd symposium on Usable privacy and security
Undercover: authentication usable in front of prying eyes
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Order and entropy in picture passwords
GI '08 Proceedings of graphics interface 2008
On user involvement in production of images used in visual authentication
Journal of Visual Languages and Computing
A user friendly password authenticated key agreement for multi server environment
Proceedings of the International Conference on Advances in Computing, Communication and Control
Guidelines for designing graphical authentication mechanism interfaces
International Journal of Information and Computer Security
Look into my eyes!: can you guess my password?
Proceedings of the 5th Symposium on Usable Privacy and Security
Proceedings of the 23rd British HCI Group Annual Conference on People and Computers: Celebrating People and Technology
SSSL: shoulder surfing safe login
SoftCOM'09 Proceedings of the 17th international conference on Software, Telecommunications and Computer Networks
Multi-touch authentication on tabletops
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
ColorPIN: securing PIN entry through indirect input
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Digital rights management using a master control device
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
A graphical PIN authentication mechanism with applications to smart cards and low-cost devices
WISTP'08 Proceedings of the 2nd IFIP WG 11.2 international conference on Information security theory and practices: smart devices, convergence and next generation networks
Towards understanding ATM security: a field study of real world ATM use
Proceedings of the Sixth Symposium on Usable Privacy and Security
Cryptanalysis of the convex hull click human identification protocol
ISC'10 Proceedings of the 13th international conference on Information security
A new shoulder-surfing resistant password for mobile environments
Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication
GeoEnc: geometric area based keys and policies in functional encryption systems
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
A hybrid graphical password based system
ICA3PP'11 Proceedings of the 11th international conference on Algorithms and architectures for parallel processing - Volume Part II
Breaking undercover: exploiting design flaws and nonuniform human behavior
Proceedings of the Seventh Symposium on Usable Privacy and Security
Analysis and design of graphical password techniques
ISVC'06 Proceedings of the Second international conference on Advances in Visual Computing - Volume Part II
A simple modeling method for mobile password schemes and its analysis
Proceedings of the 9th International Conference on Advances in Mobile Computing and Multimedia
Biometric-rich gestures: a novel approach to authentication on multi-touch devices
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A security assessment of tiles: a new portfolio-based graphical authentication system
CHI '12 Extended Abstracts on Human Factors in Computing Systems
Graphical passwords: Learning from the first twelve years
ACM Computing Surveys (CSUR)
CursorCamouflage: multiple dummy cursors as a defense against shoulder surfing
SIGGRAPH Asia 2012 Emerging Technologies
PassMap: a map based graphical-password authentication system
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
Multiple password interference in graphical passwords
International Journal of Information and Computer Security
Making graphic-based authentication secure against smudge attacks
Proceedings of the 2013 international conference on Intelligent user interfaces
Picassopass: a password scheme using a dynamically layered combination of graphical elements
CHI '13 Extended Abstracts on Human Factors in Computing Systems
Using fake cursors to secure on-screen password entry
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Designing leakage-resilient password entry on touchscreen mobile devices
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services
Exploring the design space of graphical passwords on smartphones
Proceedings of the Ninth Symposium on Usable Privacy and Security
POSTER: Graphical password using object-based image ranking
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Hi-index | 0.00 |
When users input their passwords in a public place, they may be at risk of attackers stealing their password. An attacker can capture a password by direct observation or by recording the individual's authentication session. This is referred to as shoulder-surfing and is a known risk, of special concern when authenticating in public places. Until recently, the only defense against shoulder-surfing has been vigilance on the part of the user. This paper reports on the design and evaluation of a game-like graphical method of authentication that is resistant to shoulder-surfing. The Convex Hull Click (CHC) scheme allows a user to prove knowledge of the graphical password safely in an insecure location because users never have to click directly on their password images. Usability testing of the CHC scheme showed that novice users were able to enter their graphical password accurately and to remember it over time. However, the protection against shoulder-surfing comes at the price of longer time to carry out the authentication.