Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Are squiggly lines the future of password security?

05.06.2014

Rutgers engineering researchers explore the security and memorability of free-form gestures as passwords

As more people use smart phones or tablets to pay bills, make purchases, store personal information and even control access to their houses, the need for robust password security has become more critical than ever.


Researchers studied the practicality of using free-form gestures for access authentication on smart phones and tablets. With the ability to create any shape in any size and location on the screen, the gestures had an inherent appeal as passwords. Since users create them without following a template, the researchers predicted these gestures would allow for greater complexity than grid-based gestures offer.

Credit: Michael Sherman, Gradeigh Clark, Yulong Yang, Shridatt Sugrim, Arttu Modig, Janne Lindqvist, Antti Oulasvirta, and Teemu Roos; Rutgers University, Max-Planck Institute for Informatics and University of Helsinki.

A new Rutgers University study shows that free-form gestures – sweeping fingers in shapes across the screen of a smart phone or tablet – can be used to unlock phones and grant access to apps. These gestures are less likely than traditional typed passwords or newer "connect-the-dots" grid exercises to be observed and reproduced by "shoulder surfers" who spy on users to gain unauthorized access.

"All it takes to steal a password is a quick eye," said Janne Lindqvist, one of the leaders of the project and an assistant professor in the School of Engineering's Department of Electrical and Computer Engineering. "With all the personal and transactional information we have on our phones today, improved mobile security is becoming increasingly critical."

Lindqvist believes this is the first study to explore free-form gestures as passwords. The researchers will publish their findings in June as part of the proceedings of MobiSys '14, a premier international conference in mobile computing.

In developing a secure solution to this problem, Lindqvist and the other researchers from Rutgers and collaborators from Max-Planck Institute for Informatics, including Antti Oulasvirta, and University of Helsinki studied the practicality of using free-form gestures for access authentication. With the ability to create any shape in any size and location on the screen, the gestures had an inherent appeal as passwords. Since users create them without following a template, the researchers predicted these gestures would allow for greater complexity than grid-based gestures offer.

"You can create any shape, using any number of fingers, and in any size or location on the screen," Lindqvist said. "We saw that this security protection option was clearly missing in the scientific literature and also in practice, so we decided to test its potential."

To do so, the researchers applied a generate-test-retest paradigm where 63 participants were asked to create a gesture, recall it, and recall it again 10 days later. The gestures were captured on a recognizer system designed by the team. Using this data, the authors tested the memorability of free-form gestures and invented a novel method to measure the complexity and accuracy of each gesture using information theory. Their analysis demonstrated results favorable to user-generated, free-form gestures as passwords.

To put their analysis to practice, the Rutgers researchers then had seven computer science and engineering students, each with considerable experience with touchscreens, attempt to steal a free-form gesture password by shoulder surfing.

None of the participants were able to replicate the gestures with enough accuracy, so while testing is in its preliminary stages, the gestures appear extremely powerful against attacks. While widespread adaptation of this technology is not yet clear, the research team plans to continue to analyze the security and management of free-form passwords in the future.

Diane Reed | Eurek Alert!
Further information:
http://www.rutgers.edu/

Further reports about: Lindqvist ability accuracy clear complexity fingers gesture gestures grid-based lines measure participants

More articles from Information Technology:

nachricht Simulation and Virtual Reality: Virtual Trade Fair Tour on the Smartphone
28.04.2015 | Siemens AG

nachricht A silver lining
24.04.2015 | University of California - Santa Barbara

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Fast and Accurate 3-D Imaging Technique to Track Optically-Trapped Particles

KAIST researchers published an article on the development of a novel technique to precisely track the 3-D positions of optically-trapped particles having complicated geometry in high speed in the April 2015 issue of Optica.

Daejeon, Republic of Korea, April 23, 2015--Optical tweezers have been used as an invaluable tool for exerting micro-scale force on microscopic particles and...

Im Focus: NOAA, Tulane identify second possible specimen of 'pocket shark' ever found

Pocket sharks are among the world's rarest finds

A very small and rare species of shark is swimming its way through scientific literature. But don't worry, the chances of this inches-long vertebrate biting...

Im Focus: Drexel materials scientists putting a new spin on computing memory

Ever since computers have been small enough to be fixtures on desks and laps, their central processing has functioned something like an atomic Etch A Sketch, with electromagnetic fields pushing data bits into place to encode data.

Unfortunately, the same drawbacks and perils of the mechanical sketch board have been just as pervasive in computing: making a change often requires starting...

Im Focus: Exploding stars help to understand thunderclouds on Earth

How is lightning initiated in thunderclouds? This is difficult to answer - how do you measure electric fields inside large, dangerously charged clouds? It was discovered, more or less by coincidence, that cosmic rays provide suitable probes to measure electric fields within thunderclouds. This surprising finding is published in Physical Review Letters on April 24th. The measurements were performed with the LOFAR radio telescope located in the Netherlands.

How is lightning initiated in thunderclouds? This is difficult to answer - how do you measure electric fields inside large, dangerously charged clouds? It was...

Im Focus: On the trail of a trace gas

Max Planck researcher Buhalqem Mamtimin determines how much nitrogen oxide is released into the atmosphere from agriculturally used oases.

In order to make statements about current and future air pollution, scientists use models which simulate the Earth’s atmosphere. A lot of information such as...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

HHL Energy Conference on May 11/12, 2015: Students Discuss about Decentralized Energy

23.04.2015 | Event News

“Developing our cities, preserving our planet”: Nobel Laureates gather for the first time in Asia

23.04.2015 | Event News

HHL's Entrepreneurship Conference on FinTech

13.04.2015 | Event News

 
Latest News

‘Dead zones’ found in Atlantic open waters

28.04.2015 | Earth Sciences

Endangered corals smothered by sponges on overfished Caribbean reefs

28.04.2015 | Ecology, The Environment and Conservation

Tidal tugs on Teflon faults drive slow-slipping earthquakes

28.04.2015 | Earth Sciences

VideoLinks
B2B-VideoLinks
More VideoLinks >>>