Towards secure design choices for implementing graphical passwords

We study the impact of selected parameters on the size of the password space for "Draw-A-Secret" (DAS) graphical passwords. We examine the role of and relationships between the number of composite strokes, grid dimensions, and password length in the DAS password space. We show that a very significant proportion of the DAS password space depends on the assumption that users will choose long passwords with many composite strokes. If users choose passwords having 4 or fewer strokes, with passwords of length 12 or less on a 5 × 5 grid, instead of up to the maximum 12 possible strokes, the size of the DAS password space is reduced from 58 to 40 bits. Additionally, we found a similar reduction when users choose no strokes of length 1. To strengthen security, we propose a technique and describe a representative system that may gain up to 16 more bits of security with an expected negligible increase in input time. Our results can be directly applied to determine secure design choices, graphical password parameter guidelines, and in deciding which parameters deserve focus in graphical password user studies.
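The abstract's headline numbers (58 bits for the full space, about 40 bits when users draw at most 4 strokes) come from counting DAS passwords under restrictions on stroke count and stroke length. The following Python script is an added example, not code from the paper, that performs that count so a designer can evaluate a candidate grid size, length limit, or stroke policy before running a user study. It assumes the counting model of Jermyn et al. (cited by this paper): a stroke is a sequence of grid cells in which consecutive cells share an edge (4-neighbour adjacency, revisits allowed), a stroke's length is its number of cells, and a password's length is the sum of its stroke lengths. The function names, the 5 × 5 grid and the length limit of 12 are choices made for this example.

```python
"""Count the Draw-A-Secret (DAS) password space under stroke restrictions.

Assumed model (after Jermyn et al. 1999): a stroke is a sequence of cells on
a grid x grid board, consecutive cells are edge-adjacent, cells may be
revisited, stroke length = number of cells, password length = sum of stroke
lengths.  Any stroke of one cell counts as a length-1 stroke.
"""
from functools import lru_cache
import math


def stroke_counts(grid, max_len):
    """Return {l: N(l)} where N(l) is the number of distinct strokes of
    length l (1 <= l <= max_len) on a grid x grid DAS grid."""
    cells = [(x, y) for x in range(grid) for y in range(grid)]
    steps = ((1, 0), (-1, 0), (0, 1), (0, -1))          # 4-neighbour moves
    neighbours = {
        (x, y): [(x + dx, y + dy) for dx, dy in steps
                 if 0 <= x + dx < grid and 0 <= y + dy < grid]
        for x, y in cells
    }
    # ending[c] = number of strokes of the current length that end in cell c
    ending = {c: 1 for c in cells}
    counts = {1: len(cells)}
    for length in range(2, max_len + 1):
        # extend every stroke by one step into an adjacent cell
        ending = {c: sum(ending[n] for n in neighbours[c]) for c in cells}
        counts[length] = sum(ending.values())
    return counts


def password_space(grid, max_len, max_strokes=None, min_stroke_len=1):
    """Number of DAS passwords of total length <= max_len on a grid x grid
    grid, composed of at most max_strokes strokes (None = no limit, i.e. up
    to max_len strokes), each at least min_stroke_len cells long."""
    n = stroke_counts(grid, max_len)
    if max_strokes is None:
        max_strokes = max_len          # every stroke has at least one cell

    @lru_cache(maxsize=None)
    def exact(length, strokes):
        # passwords with exactly this total length and this many strokes:
        # choose the first stroke's length l, then recurse on the remainder
        if length == 0:
            return 1 if strokes == 0 else 0
        if strokes == 0:
            return 0
        return sum(n[l] * exact(length - l, strokes - 1)
                   for l in range(min_stroke_len, length + 1))

    return sum(exact(length, strokes)
               for length in range(1, max_len + 1)
               for strokes in range(1, max_strokes + 1))


def bits(count):
    """Password-space size expressed in bits (log2 of the count)."""
    return math.log2(count)


if __name__ == "__main__":
    # Scenarios discussed in the abstract: 5 x 5 grid, length <= 12.
    scenarios = [
        ("full DAS space (up to 12 strokes)", {}),
        ("at most 4 strokes", {"max_strokes": 4}),
        ("no strokes of length 1", {"min_stroke_len": 2}),
        ("at most 4 strokes, none of length 1",
         {"max_strokes": 4, "min_stroke_len": 2}),
    ]
    for label, kwargs in scenarios:
        count = password_space(5, 12, **kwargs)
        print(f"{label:40s} {bits(count):5.1f} bits")
```

The two restrictions are independent parameters, so the last scenario shows how a stroke-count limit and a minimum stroke length compound; changing `grid` or `max_len` lets a designer see which parameter buys the most entropy for a given drawing policy.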
