File Download

There are no files associated with this item.

  • Find it @ UNIST can give you direct access to the published full text of this article. (UNISTARs only)
Related Researcher

OakleyIan

Oakley, Ian
Interactions Lab.
Read More

Views & Downloads

Detailed Information

Cited time in webofscience Cited time in scopus
Metadata Downloads

PassBYOP: Bring Your Own Picture for Securing Graphical Passwords

Author(s)
Bianchi, AndreaOakley, IanKim, Hyoungshick
Issued Date
2016-06
DOI
10.1109/THMS.2015.2487511
URI
https://scholarworks.unist.ac.kr/handle/201301/18051
Fulltext
http://ieeexplore.ieee.org/xpl/abstractAuthors.jsp?arnumber=7307177#
Citation
IEEE TRANSACTIONS ON HUMAN-MACHINE SYSTEMS, v.46, no.3, pp.380 - 389
Abstract
PassBYOP is a new graphical password scheme for public terminals that replaces the static digital images typically used in graphical password systems with personalized physical tokens, herein in the form of digital pictures displayed on a physical user-owned device such as a mobile phone. Users present these images to a system camera and then enter their password as a sequence of selections on live video of the token. Highly distinctive optical features are extracted from these selections and used as the password. We present three feasibility studies of PassBYOP examining its reliability, usability, and security against observation. The reliability study shows that image-feature based passwords are viable and suggests appropriate system thresholds—password items should contain a minimum of seven features, 40% of which must geometrically match originals stored on an authentication server in order to be judged equivalent. The usability study measures task completion times and error rates, revealing these to be 7.5 s and 9%, broadly comparable with prior graphical password systems that use static digital images. Finally, the security study highlights PassBYOP’s resistance to observation attack—three attackers are unable to compromise a password using shoulder surfing, camerabased observation, or malware. These results indicate that PassBYOP shows promise for security while maintaining the usability of current graphical password schemes.
Publisher
IEEE
ISSN
2168-2291
Keyword (Author)
Graphical passwordinputlive videoobservationuser study
Keyword
DESIGN

qrcode

Items in Repository are protected by copyright, with all rights reserved, unless otherwise indicated.