Enhancing click-draw based graphical passwords using multi-touch on mobile phones

Yuxin Meng, Wenjuan Li, Lam For Kwok

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

18 Citations (Scopus)

Abstract

Graphical password based authentication systems are now becoming one of the potential alternatives to alleviate current over-reliance on traditional text-based password authentication. With the rapid development of mobile devices (i.e., the increase of computing power), this kind of authentication systems has been implemented on mobile phones to authenticate legitimate users and detect impostors. But in real deployment, we notice that users can utilize more actions like multi-touch on a mobile phone than on a common computer. The action of multi-touch, which refers to the process of touching a touchscreen with multiple fingers at the same time, is a distinguished feature on a touchscreen mobile phone. In this paper, we therefore attempt to explore the effect of multi-touch on creating graphical passwords in the aspect of security and usability. In particular, we conduct a study of using click-draw based graphical passwords in the evaluation, which combines current input types in the area of graphical passwords, and we further develop a multi-touch enabled scheme on mobile phones. Three experiments were conducted with 60 participants and the experimental results indicate that, by integrating the action of multi-touch, graphical passwords can be generally enhanced in the aspect of both security and usability.

Original languageEnglish
Title of host publicationSecurity and Privacy Protection in Information Processing Systems - 28th IFIP TC 11 International Conference, SEC 2013, Proceedings
EditorsLech J. Janczewski, Henry B. Wolfe, Sujeet Shenoi
PublisherSpringer New York LLC
Pages55-68
Number of pages14
ISBN (Electronic)9783642392177
DOIs
Publication statusPublished - 2013
Externally publishedYes
Event28th IFIP TC 11 International Conference, SEC 2013 - Auckland, New Zealand
Duration: 8 Jul 201312 Jul 2013

Publication series

NameIFIP Advances in Information and Communication Technology
Volume405
ISSN (Print)1868-4238
ISSN (Electronic)1868-422X

Conference

Conference28th IFIP TC 11 International Conference, SEC 2013
Country/TerritoryNew Zealand
CityAuckland
Period8/07/1312/07/13

Keywords

  • Graphical Passwords
  • Human Factors
  • Mobile Phones
  • Mobile Security
  • Multi-Touch
  • User Authentication

ASJC Scopus subject areas

  • Information Systems
  • Computer Networks and Communications
  • Information Systems and Management

Cite this