Do background images improve "draw a secret" graphical passwords?

Paul Dunphy*, Jeff Yan

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

167 Citations (Scopus)

Abstract

Draw a secret (DAS) is a representative graphical password scheme. Rigorous theoretical analysis suggests that DAS supports an overall password space larger than that of the ubiquitous textual password scheme. However, recent research suggests that DAS users tend to choose weak passwords, and their choices would render this theoretically sound scheme less secure in real life. In this paper we investigate the novel idea of introducing background images to the DAS scheme, where users were initially supposed to draw passwords on a blank canvas overlaid with a grid. Encouraging results from our two user studies have shown that people aided with background images tended to set significantly more complicated passwords than their counterparts using the original scheme. The background images also reduced other predictable characteristics in DAS passwords such as symmetry and centering within the drawing grid, further improving the strength of the passwords. We estimate that the average strength of successfully recalled passwords in the enhanced scheme was increased over those created using the original scheme by more than 10 bits. Moreover, a positive effect was observed with respect to the memorability of the more complex passwords encouraged by the background images.

Original languageEnglish
Title of host publicationCCS'07 - Proceedings of the 14th ACM Conference on Computer and Communications Security
Place of PublicationNew York
Pages36-47
Number of pages12
DOIs
Publication statusPublished - 28 Oct 2007
Event14th ACM Conference on Computer and Communications Security, CCS'07 - Alexandria, VA, United States
Duration: 29 Oct 20072 Nov 2007

Conference

Conference14th ACM Conference on Computer and Communications Security, CCS'07
Country/TerritoryUnited States
CityAlexandria, VA
Period29/10/072/11/07

Keywords

  • authentication
  • draw a secret
  • graphical passwords
  • usable security

Fingerprint

Dive into the research topics of 'Do background images improve "draw a secret" graphical passwords?'. Together they form a unique fingerprint.

Cite this