Skip to main content
Springer Nature Link
Log in

HapticPoints: The Extended PassPoints Graphical Password

  • Conference paper
  • First Online:
Information Security Applications (WISA 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11402))

Included in the following conference series:

Abstract

The most common issue of alphanumeric passwords is users normally create weak passwords for the reason that strong passwords are difficult to recognise and memorise. Graphical password authentication system is one of the approaches to address the issues of alphanumeric passwords memorability. Wiedenbeck et al. propose PassPoints in which a password is a sequence of any 5 to 8 user-selected click points on a system-assigned image. Nevertheless, PassPoints still faces the problem of predictable click points and shoulder surfing attack. In this paper, we propose an alternative graphical password system on smartphones called HapticPoints. By adding haptic feedback to PassPoints as additional decoy click points, the aforementioned problems can be prevented without needing users to do any additional memory task. We also conduct a user study to evaluate and compare the usability of HapticPoints and PassPoints.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Li, J., Jiang, Y., Fan, R.: Recognition of biological signal mixed based on wavelet analysis. In: Jiang, Y., et al. (eds.) Proceedings of UK-China Sports Engineering Workshop, pp. 1–8. World Academic Union, Liverpool (2007)

    Google Scholar 

  2. Dewri, R., Chakraborti, N.: Simulating recrystallization through cellular automata and genetic algorithms. Model. Simul. Mater. Sci. Eng. 13(3), 173–183 (2005)

    Article  Google Scholar 

  3. Gray, A.: Modern Differential Geometry. CRE Press (1998)

    Google Scholar 

  4. Florencio, D., Herley, C.: A large-scale study of web password habits. In: Proceedings of the International Conference on World Wide Web (WWW 2007), pp. 657–666 (2007)

    Google Scholar 

  5. Biddle, R., Chiasson, S., van Oorschot, P.: Graphical passwords: learning from the first twelve years. Carleton University - School of Computer Science, Technical report TR-11-01, 4 January 2011

    Google Scholar 

  6. Blonder, G.E.: Graphical passwords. United States Patent 5559961 (1996)

    Google Scholar 

  7. Dirik, A., Memon, N., Birget, J.: Modeling user choice in the passpoints graphical password scheme. In: Proceedings of the 3rd Symposium on Usable Privacy and Security, pp. 20–28. ACM (2007)

    Google Scholar 

  8. Thorpe, J., van Oorschot, P.: Human-seeded attacks and exploiting hot-spots in graphical passwords. In: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, pp. 8:1–8:16. USENIX Association (2007)

    Google Scholar 

  9. Enso, B.: How Consumers Remember Passwords. Forrester Research Report, 2 June 2004

    Google Scholar 

  10. Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Proceedings of USENIX Security Symposium (1999)

    Google Scholar 

  11. Dunph, P., Yan, J.: Do background images improve “Draw a Secret” graphical passwords? In: Proceedings of 14th ACM Conference on Computer and Communications Security, Virginia, USA, 28–31 October 2007, pp. 36–47. ACM Press, New York (2007)

    Google Scholar 

  12. Gao, H.C., Guo, X.W., Chen, X.P., Wang, L.M., Liu, X.Y.: YAGP: yet another graphical password strategy. In: Proceedings of 24th Annual Computer Security Applications Conference (ACSAC 2008), California, USA, 8–12 August 2008, pp. 121–129 (2008)

    Google Scholar 

  13. Tao, H.: Pass-Go, a new graphical password scheme. Master Thesis, University of Ottawa Canada, June 2006

    Google Scholar 

  14. Hayashi, E., Dhamija, R., Christin, N., Perrig, A.: Use your illusion: secure authentication usable anywhere. In: Proceedings of SOUPS 2008. ACM (2008)

    Google Scholar 

  15. Dhamija, R., Perrig, A.: Deja Vu: a user study using images for authentication. In: Proceedings of 9th USENIX Security Symposium (2000)

    Google Scholar 

  16. Wiedenbeck, S., Waters, J., Birget, J., Brodskiy, A., Memon, N.: PassPoints: design and longitudinal evaluation of a graphical password system. Int. J. Hum.-Comput. Stud. 63, 102–127 (2005)

    Article  Google Scholar 

  17. Stubblefield, A., Simon, D.R.: Inkblot authentication. Microsoft Technical report MSR-TR-2004-85 (2004)

    Google Scholar 

  18. Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.: Design and evaluation of a shoulder-surfing resistant graphical password scheme. In: International Working Conference on Advanced Visual Interfaces (AVI), May 2006

    Google Scholar 

  19. Narayanan, A., Shmatikov, V.: Fast dictionary attacks on passwords using time-space tradeoff. In: ACM Conference on Computer and Communications Security (CCS), November 2005

    Google Scholar 

  20. Chiasson, S., et al.: Multiple Password Interference in Text Passwords and Click-Based Graphical Passwords. ACM (2009)

    Google Scholar 

  21. Gołofit, K.: Click passwords under investigation. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 343–358. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74835-9_23

    Chapter  Google Scholar 

  22. Chiasson, S., Forget, A., Biddle, R., van Oorschot, P.: Influencing users towards better passwords: persuasive cued click-points. In: Human Computer Interaction (HCI), The British Computer Society, September 2008

    Google Scholar 

  23. Alshehri, M,N., Crawford, H.: Using image saliency and regions of interest to encourage stronger graphical passwords. In: ACSAC 2016, Los Angeles, CA, USA, December 2016

    Google Scholar 

  24. Kummerer, M., Theis, L., Bethge, M.: Deep Gaze I: boosting saliency prediction with feature maps trained on ImageNet. arXiv preprint arXiv:1411.1045 (2014)

  25. Lewis, J.R.: IBM computer usability satisfaction questionnaires: psychometric evaluation and instructions for use. Int. J. Hum.-Comput. Interact. 7, 57–78 (1995)

    Article  Google Scholar 

  26. Nicholson, J.: Design of a multi-touch shoulder surfing resilient graphical password. Dissertation, Newcastle University (2009)

    Google Scholar 

  27. Tari, F., Ozok, A.A., Holden, S.: A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords. In: SOUPS 2006. ACM (2006)

    Google Scholar 

  28. Kim, D., Dunphy, P., Briggs, P., Hook, J., Nicholson J., Olivier, P.: Multi-touch authentication on tabletops. In: CHI 2010. ACM (2010)

    Google Scholar 

  29. Zakaria, N.H., Griffiths, D., Brostoff, S., Yan, J.: Shoulder surfing defence for recall-based graphical passwords. In: SOUPS 2011. ACM (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Faculty of Science, King Mongkut’s Institute of Technology Ladkrabang, Bangkok, Thailand

    Trust Ratchasan & Rungrat Wiangsripanawan

Authors
  1. Trust Ratchasan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rungrat Wiangsripanawan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rungrat Wiangsripanawan .

Editor information

Editors and Affiliations

  1. Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)

    Brent ByungHoon Kang

  2. Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)

    JinSoo Jang

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ratchasan, T., Wiangsripanawan, R. (2019). HapticPoints: The Extended PassPoints Graphical Password. In: Kang, B., Jang, J. (eds) Information Security Applications. WISA 2018. Lecture Notes in Computer Science(), vol 11402. Springer, Cham. https://doi.org/10.1007/978-3-030-17982-3_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-17982-3_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-17981-6

  • Online ISBN: 978-3-030-17982-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation