Sciweavers

TISSEC
2008

On predictive models and user-drawn graphical passwords

In commonplace text-based password schemes, users typically choose passwords that are easy to recall, exhibit patterns, and are thus vulnerable to brute-force dictionary attacks. This leads us to ask whether other types of passwords (e.g., graphical) are also vulnerable to dictionary attack due to users tending to choose memorable passwords. We suggest a method to predict and model a number of such classes for systems where passwords are created solely from a user's memory. We hypothesize that these classes define weak password subspaces suitable for an attack dictionary. For user-drawn graphical passwords, we apply this method with cognitive studies on visual recall. These cognitive studies motivate us to define a set of password complexity factors (e.g., reflective symmetry and stroke-count), which define a set of classes. To better understand the size of these classes, and thus how weak the password subspaces they define might be, we use the "Draw-A-Secret" (DAS) gra...
Paul C. van Oorschot, Julie Thorpe
Added 15 Dec 2010
Updated 15 Dec 2010
Type Journal
Year 2008
Where TISSEC
Authors Paul C. van Oorschot, Julie Thorpe