On the predictability and security of user choice in passwords

It is well known that traditional text-based passwords are weak because of predictable patterns in user choice. In response, other knowledge-based authentication schemes such as graphical passwords have been proposed, motivated in part by our remarkably better memory for pictures than for words. We hypothesize that these schemes, when they allow users free choice of their password, will suffer from similar weaknesses. We examine and generalize existing methods for attacking knowledge-based schemes, and apply these methods to two representative, previously unanalyzed graphical password schemes: the "Draw-A-Secret" scheme of Jermyn et al. (1999) and the "Pass-Points" scheme of Wiedenbeck et al. (2005). We validate our hypothesis using data collected from our own user studies and from user studies by others, providing the first attacks and effective security analyses for these two schemes. Our results naturally lead to a set of recommendations that may help improve the effective security of these particular schemes. In light of these attacks, we propose a novel idea for user authentication that we call "pass-thoughts", which may prove to have some unique properties for defending against various attacks (but we do not prove this herein). We end with a discussion of other considerations for user authentication schemes, a comparative analysis of existing schemes, and a discussion that puts the results of this thesis in context.