Do background images improve "draw a secret" graphical passwords?
Do background images improve "draw a secret" graphical passwords?
Draw a secret (DAS) is a representative graphical password scheme. Rigorous theoretical analysis suggests that DAS supports an overall password space larger than that of the ubiquitous textual password scheme. However, recent research suggests that DAS users tend to choose weak passwords, and their choices would render this theoretically sound scheme less secure in real life. In this paper we investigate the novel idea of introducing background images to the DAS scheme, where users were initially supposed to draw passwords on a blank canvas overlaid with a grid. Encouraging results from our two user studies have shown that people aided with background images tended to set significantly more complicated passwords than their counterparts using the original scheme. The background images also reduced other predictable characteristics in DAS passwords such as symmetry and centering within the drawing grid, further improving the strength of the passwords. We estimate that the average strength of successfully recalled passwords in the enhanced scheme was increased over those created using the original scheme by more than 10 bits. Moreover, a positive effect was observed with respect to the memorability of the more complex passwords encouraged by the background images.
Authentication, Draw a secret, Graphical passwords, Usable security
36-47
Dunphy, Paul
958714bc-e1ec-4311-9693-84195768edc3
Yan, Jeff
a2c03187-3722-46c8-b73b-439eb9d1a10e
2007
Dunphy, Paul
958714bc-e1ec-4311-9693-84195768edc3
Yan, Jeff
a2c03187-3722-46c8-b73b-439eb9d1a10e
Dunphy, Paul and Yan, Jeff
(2007)
Do background images improve "draw a secret" graphical passwords?
In CCS'07 - Proceedings of the 14th ACM Conference on Computer and Communications Security.
.
(doi:10.1145/1315245.1315252).
Record type:
Conference or Workshop Item
(Paper)
Abstract
Draw a secret (DAS) is a representative graphical password scheme. Rigorous theoretical analysis suggests that DAS supports an overall password space larger than that of the ubiquitous textual password scheme. However, recent research suggests that DAS users tend to choose weak passwords, and their choices would render this theoretically sound scheme less secure in real life. In this paper we investigate the novel idea of introducing background images to the DAS scheme, where users were initially supposed to draw passwords on a blank canvas overlaid with a grid. Encouraging results from our two user studies have shown that people aided with background images tended to set significantly more complicated passwords than their counterparts using the original scheme. The background images also reduced other predictable characteristics in DAS passwords such as symmetry and centering within the drawing grid, further improving the strength of the passwords. We estimate that the average strength of successfully recalled passwords in the enhanced scheme was increased over those created using the original scheme by more than 10 bits. Moreover, a positive effect was observed with respect to the memorability of the more complex passwords encouraged by the background images.
This record has no associated files available for download.
More information
Published date: 2007
Venue - Dates:
14th ACM Conference on Computer and Communications Security, CCS'07, , Alexandria, VA, United States, 2007-10-29 - 2007-11-02
Keywords:
Authentication, Draw a secret, Graphical passwords, Usable security
Identifiers
Local EPrints ID: 500828
URI: http://eprints.soton.ac.uk/id/eprint/500828
ISSN: 1543-7221
PURE UUID: a63539de-a921-47c7-88dc-49e9016a392a
Catalogue record
Date deposited: 13 May 2025 17:23
Last modified: 13 May 2025 17:23
Export record
Altmetrics
Contributors
Author:
Paul Dunphy
Author:
Jeff Yan
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics