The design and analysis of graphical passwords

Jermyn, I.H.; Mayer, A.; Monrose, F.; Reiter, M.K.; Rubin, A.D.

The design and analysis of graphical passwords

Jermyn, I.H.; Mayer, A.; Monrose, F.; Reiter, M.K.; Rubin, A.D.

Authors

Professor Ian Jermyn i.h.jermyn@durham.ac.uk
Professor

A. Mayer

F. Monrose

M.K. Reiter

A.D. Rubin

Abstract

In this paper we propose and evaluate new graphical password schemes that exploit features of graphical input displays to achieve better security than text-based passwords. Graphical input devices enable the user to decouple the position of inputs from the temporal order in which those inputs occur, and we show that this decoupling can be used to generate password schemes with substantially larger (memorable) password spaces. In order to evaluate the security of one of our schemes, we devise a novel way to capture a subset of the "memorable" passwords that, we believe, is itself a contribution. In this work we are primarily motivated by devices such as personal digital assistants (PDAs) that offer graphical input capabilities via a stylus, and we describe our prototype implementation of one of our password schemes on such a PDA, namely the Palm PilotTM.

Citation

Jermyn, I., Mayer, A., Monrose, F., Reiter, M., & Rubin, A. (1999). The design and analysis of graphical passwords. In Proceedings of the 8th USENIX Security Symposium (Security '99), Washington, D.C., USA, August 23-26, 1999

Conference Name	8th USENIX Security Symposium.
Conference Location	Washington DC, USA
Start Date	Aug 23, 1999
End Date	Aug 26, 1999
Publication Date	Aug 26, 1999
Deposit Date	Aug 12, 2011
Publicly Available Date	May 26, 2016
Book Title	Proceedings of the 8th USENIX Security Symposium (Security '99), Washington, D.C., USA, August 23-26, 1999.
Publisher URL	https://www.usenix.org/legacy/events/sec99/jermyn.html
Additional Information	Symposium date: 23-26 August 1999