Graphical Passwords & Qualitative Spatial Relations (2007)

Author(s): Lin D, Dunphy P, Olivier P, Yan J

    Abstract: A potential drawback of graphical password schemes is that they are more vulnerable to shoulder surfing than conventional alphanumeric text passwords. We present a variation of the Draw-a-Secret scheme originally proposed by Jermyn et al [1] that is more resistant to shoulder surfing through the use of a qualitative mapping between user strokes and the password, and the use of dynamic grids to both obfuscate attributes of the user secret and encourage them to use different surface realizations of the secret. The use of qualitative spatial relations relaxes the tight constraints on the reconstruction of a secret; allowing a range of deviations from the original. We describe QDAS (Qualitative Draw-A-Secret), an initial implementation of this graphical password scheme, and the results of an empirical study in which we examined the memorability of secrets, and their susceptibility to shoulder-surfing attacks, for both Draw-A-Secret and QDAS.

    Notes: Poster Session

      • Date: 18-20 July 2007
      • Conference Name: Third Symposium on Usable Privacy and Security (SOUPS)
      • Volume: 229
      • Pages: 161-162
      • Publisher: ACM
      • Publication type: Conference Proceedings (inc. abstract)
      • Bibliographic status: Published

      Keywords: Graphical Passwords, Draw a Secret, Authentication, Usable Security


      Professor Patrick Olivier
      Professor of Human-Computer Interaction