Pitfalls of Shoulder Surfing Studies

We review empirical studies that evaluate the resilience of various PIN entry methods against human shoulder surfers. Conducting such studies is challenging because real adversaries are not available for study and must be simulated in one way or another. We wanted to find out whether there is a common standard for how these experiments are designed and reported. In the course of our research we noticed that subtle design decisions can have a crucial effect on the validity and interpretation of the outcomes. Getting these details right is particularly important when the number of participants or trials is relatively low. One example is the decision to let simulated adversaries enter their guesses using the method under study: if the method itself produces input errors, correct guesses may not be counted as such, which leads to an underestimation of the risk. We noticed several issues of this kind and distilled a set of recommendations that we believe should be followed to ensure that such studies are comparable and that their results can be interpreted well.
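The two effects named above, the bias introduced by letting the simulated attacker enter guesses through the error-prone method, and the weak statistical evidence that a small number of trials provides, can be made concrete with a small model. The following Python script is an added example and is not part of the paper; the attacker model (a guess that is correct with probability P_OBSERVE, otherwise a uniformly random wrong PIN) and the entry-error model (one digit of the entered PIN replaced with a different digit with probability ENTRY_ERROR) are assumptions chosen for illustration, and all numbers are constructed, not measured.

```python
"""Added example (not from the paper): how two study-design choices distort the
measured success rate of a simulated shoulder surfer.

Constructed model, all parameters assumed:
  * the attacker forms a guess that equals the PIN with probability P_OBSERVE;
  * protocol A records the guess directly (e.g. on paper) and counts exact matches;
  * protocol B makes the attacker enter the guess through the PIN method under
    study, which garbles the entry with probability ENTRY_ERROR.
"""
import random
from math import sqrt

PIN_DIGITS = 4


def random_pin(rng):
    return "".join(str(rng.randrange(10)) for _ in range(PIN_DIGITS))


def attacker_guess(pin, p_observe, rng):
    """Correct with probability p_observe, otherwise a uniformly random wrong PIN."""
    if rng.random() < p_observe:
        return pin
    while True:
        guess = random_pin(rng)
        if guess != pin:
            return guess


def protocol_a(pin, guesses):
    """Guesses recorded directly: a correct guess is always counted as correct."""
    return sum(g == pin for g in guesses)


def garble(entered, rng):
    """Assumed entry-error model: one digit is replaced by a different digit."""
    i = rng.randrange(PIN_DIGITS)
    d = (int(entered[i]) + rng.randrange(1, 10)) % 10
    return entered[:i] + str(d) + entered[i + 1:]


def protocol_b(pin, guesses, entry_error, rng):
    """Guesses entered through the method: a garbled correct guess is counted wrong."""
    hits = 0
    for g in guesses:
        entered = garble(g, rng) if rng.random() < entry_error else g
        hits += entered == pin
    return hits


def expected_observed_rate(p_observe, entry_error):
    """Exact expectation of protocol B's hit rate under the model above.

    A correct guess survives entry with probability (1 - e). A wrong guess is
    turned into the right PIN only if it differed in exactly one digit and the
    garble hits that position with the right digit: probability e / (10^d - 1).
    """
    rescue = entry_error / (10 ** PIN_DIGITS - 1)
    return p_observe * (1 - entry_error) + (1 - p_observe) * rescue


def corrected_rate(observed_rate, entry_error):
    """First-order correction: divide out the probability that an entry survives.

    entry_error must come from a control condition in which the participant
    enters a PIN they already know; the tiny rescue term is ignored.
    """
    return observed_rate / (1 - entry_error)


def wilson_interval(hits, trials, z=1.96):
    """95% Wilson score interval for the true success probability.

    Shows why few trials are weak evidence: 0 hits in 10 trials still leaves
    an upper bound near 28%.
    """
    if trials == 0:
        raise ValueError("no trials")
    p = hits / trials
    denom = 1 + z * z / trials
    center = (p + z * z / (2 * trials)) / denom
    half = z * sqrt(p * (1 - p) / trials + z * z / (4 * trials * trials)) / denom
    return max(0.0, center - half), min(1.0, center + half)


def run_study(n_trials, p_observe, entry_error, seed=1):
    """Simulate one study under both protocols; returns (hits_A, hits_B)."""
    rng = random.Random(seed)
    pin = random_pin(rng)
    guesses = [attacker_guess(pin, p_observe, rng) for _ in range(n_trials)]
    return protocol_a(pin, guesses), protocol_b(pin, guesses, entry_error, rng)


if __name__ == "__main__":
    n, p, e = 20, 0.5, 0.25          # constructed parameters
    a, b = run_study(n, p, e)
    print(f"protocol A (recorded): {a}/{n}  CI={wilson_interval(a, n)}")
    print(f"protocol B (entered):  {b}/{n}  CI={wilson_interval(b, n)}")
    print(f"expected B rate: {expected_observed_rate(p, e):.3f}, "
          f"corrected from B: {corrected_rate(b / n, e):.3f}")
```

The quantity to take away is expected_observed_rate: at an entry-error rate of 25% the entered-guess protocol reports roughly three quarters of the attacker's real success rate, and a study that does not measure the method's own error rate in a control condition cannot undo that bias afterwards. The Wilson interval makes the second point in the abstract explicit: with ten or twenty trials, even a count of zero successful attacks is compatible with a substantial true success probability.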
