GestureMeter: Design and Evaluation of a Gesture Password Strength Meter

要旨

Gestures drawn on touchscreens have been proposed as an authentication method to secure access to smartphones. They provide good usability and a theoretically large password space. However, recent work has demonstrated that users tend to select simple or similar gestures as their passwords, rendering them susceptible to dictionary based guessing attacks. To improve their security, this paper describes a novel gesture password strength meter that interactively provides security assessments and improvement suggestions based on a scoring algorithm that combines a probabilistic model, a gesture dictionary, and a set of novel stroke heuristics. We evaluate this system in both online and offline settings and show it supports creation of gestures that are significantly more resistant to guessing attacks (by up to 67%) while also maintaining performance on usability metrics such as recall success rate and time. We conclude that gesture password strength meters can help users select more secure gesture passwords.

著者
Eunyong Cheon
UNIST , Ulsan, Korea, Republic of
Jun Ho Huh
Samsung Research, Seoul, Korea, Republic of
Ian Oakley
UNIST, Ulsan, Korea, Republic of
論文URL

https://doi.org/10.1145/3544548.3581397

動画

会議: CHI 2023

The ACM CHI Conference on Human Factors in Computing Systems (https://chi2023.acm.org/)

セッション: Authentication and Smart Environments

Hall A
6 件の発表
2023-04-26 01:35:00
2023-04-26 03:00:00