USENIX Technical Program - Abstract - Security Symposium 99
The Design and Analysis of Graphical Passwords
Ian Jermyn, New York University; Alain Mayer, Fabian Monrose, Michael K. Reiter, Bell Labs, Lucent Technologies; and Aviel D. Rubin, AT&T Labs--Research
In this paper we propose and evaluate new graphical password
schemes that exploit features of graphical input displays to achieve
better security than text-based passwords. Graphical input devices
enable the user to decouple the position of inputs from the
temporal order in which those inputs occur, and we show that this
decoupling can be used to generate password schemes with substantially
larger (memorable) password spaces. In order to evaluate the security of
one of our schemes, we devise a novel way to capture a subset of the
``memorable'' passwords that, we believe, is itself a contribution. In
this work we are primarily motivated by devices such as personal digital
assistants (PDAs) that offer graphical input capabilities via a stylus,
and we describe our prototype implementation of one of our password
schemes on such a PDA, namely the Palm PilotTM.
- View the full text of this paper in
HTML form and PDF form.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
- To become a USENIX Member, please see our Membership Information.