Skip to main content

Predicting Graphical Passwords

Matthieu Devlin‚ Jason R. C. Nurse‚ Duncan Hodges‚ Michael Goldsmith and Sadie Creese

Abstract

Over the last decade, the popularity of graphical passwords has increased tremendously. They can now be found on various devices and systems, including platforms such as the Windows 8 and Android operating systems. In this paper, we focus on the PassPoints graphical-password scheme and investigate the extent to which these passwords might be predicted based on knowledge of the individual (e.g., their age, gender, education, learning style). We are particularly interested in understanding whether graphical passwords may suffer the same weaknesses as textual passwords, which are often strongly correlated with an individual using memorable information (such as the individuals spouses, pets, preferred sports teams, children, and so on). This paper also introduces a novel metric for graphical-password strength to provide feedback to an individual without the requirement of knowing the image or having password statistics a priori.

Book Title
International Conference on Human Aspects of Information Security‚ Privacy and Trust at the 17th International Conference on Human−Computer Interaction (HCI)
Editor
Theo Tryfonas and Ioannis Askoxylakis
Pages
23–35
Publisher
Springer
Series
9190
Year
2015