Abstract
Graphical password methods rely on human experience and hand selection (not well-quantified metric) to evaluate the appropriateness and the confusion of the challenge images. In this paper we propose to use for authentication Chinese characters, for which the entropy can be up to 9.65 (much larger than other languages). We first show an algorithmic framework to authenticate a user and then present an empirical analysis conducted at a university. The advantages of the framework include the following: the storage overhead is low; no personal experience or hand selection is involved; there is no predefined dictionary of likely choices; and it can be easily referenced by personal-style cues. Our study shows that the number of participants that prefer our framework is much close to that in favor of graphical passwords, with an interesting outcome that the two groups of participants present significantly distinct backgrounds. Our framework and graphical passwords can be used as candidate authentication methods for users with different backgrounds. We also measure user choices of patterns and find that there is a slight preference of the 3×3 grid to the circle patterns. While the proposed framework prescribes the challenge characters, the users have the option to define challenge characters of their own.
| Original language | English |
|---|---|
| Pages (from-to) | 1460-1462 |
| Number of pages | 3 |
| Journal | Proceedings of the ACM Conference on Computer and Communications Security |
| Volume | 2014-January |
| DOIs | |
| State | Published - 2014 |
| Event | 21st ACM Conference on Computer and Communications Security, CCS 2014 - Scottsdale, United States Duration: 3 Nov 2014 → 7 Nov 2014 |
Keywords
- Entropy
- Evaluation
- Human factors in security