Skip to main content
SpringerLink
Log in
Book cover

International Conference on Network and System Security

NSS 2015: Network and System Security pp 147–161Cite as

RouteMap: A Route and Map Based Graphical Password Scheme for Better Multiple Password Memory

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9408))

Abstract

Graphical passwords (GPs) are considered as one promising solution to replace traditional text-based passwords. Many GP schemes have been proposed in the literature such as PassPoints, DAS, Cued Click Points, GeoPass and so on. These schemes reported promising performance in their studies in the aspects of security and usability, however, we notice that these GP schemes may suffer from the issue of multiple password memory. In our first user study, it is identified that this issue has indeed become a big challenge. In real-world applications, users usually have to remember and maintain more than one password in different scenarios, thus, it is very essential to develop a better GP scheme to solve this issue. In this paper, we focus on map-based GPs and propose a scheme of RouteMap for better multiple password memory, which allows users to draw a route on a map as their secrets. In our second user study with 60 participants, it is found that users can achieve better performance using RouteMap in terms of multiple password memory, as compared with two similar schemes. Our effort attempts to complement existing studies and stimulate more research on this issue.

W. Meng—The author is previously known as Yuxin Meng.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bonneau, J.: The science of guessing: analyzing an anonymized corpus of 70 million passwords. In: Proceedings of the 2012 IEEE Symposium on Security and Privacy, pp. 538–552 (2012)

    Google Scholar 

  2. Chiasson, S., van Oorschot, P.C., Biddle, R.: Graphical password authentication using cued click points. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 359–374. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  3. Chiasson, S., Biddle, R., van Oorschot, P.C.: A second look at the usability of click-based graphical passwords. In: Proceedings of the 3rd Symposium on Usable Privacy and Security (SOUPS), pp. 1–12. ACM, New York (2007)

    Google Scholar 

  4. Chiasson, S., Stobert, E., Forget, A., Biddle, R.: Persuasive Cued Click-Points: Design, Implementation, and Evaluation of a Knowledge-Based Authentication Mechanism. IEEE Transactions on Dependable and Secure Computing 9(2), 222–235 (2012)

    Article  Google Scholar 

  5. Davis, D., Monrose, F., Reiter, M.K.: On user choice in graphical password schemes. In: Proceedings of the 13th Conference on USENIX Security Symposium (SSYM), pp. 151–164. USENIX Association, Berkeley (2004)

    Google Scholar 

  6. Dirik, A.E., Memon, N., Birget, J.C.: Modeling user choice in the passpoints graphical password scheme. In: Proceedings of the 3rd Symposium on Usable privacy and security (SOUPS). ACM, New York, pp. 20–28 (2007)

    Google Scholar 

  7. Dunphy, P., Yan, J.: Do background images improve “draw a secret” graphical passwords? In: Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS), pp. 36–47 (2007)

    Google Scholar 

  8. Fox, S.: Future Online Password Could be a Map (2010). http://www.livescience.com/8622-future-online-password-map.html

  9. Georgakakis, E., Komninos, N., Douligeris, C.: NAVI: novel authentication with visual information. In: Proceedings of the 2012 IEEE Symposium on Computers and Communications (ISCC), pp. 588–595 (2012)

    Google Scholar 

  10. Gołofit, K.: Click passwords under investigation. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 343–358. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  11. Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Proceedings of the 8th Conference on USENIX Security Symposium, pp. 1–14. USENIX Association, Berkeley (1999)

    Google Scholar 

  12. Lin, D., Dunphy, P., Olivier, P., Yan, J.: Graphical passwords & qualitative spatial relations. In: Proceedings of the 3rd Symposium on Usable Privacy and Security (SOUPS), pp. 161–162 (2007)

    Google Scholar 

  13. Meng, Y.: Designing click-draw based graphical password scheme for better authentication. In: Proceedings of the 7th IEEE International Conference on Networking, Architecture, and Storage (NAS), pp. 39–48 (2012)

    Google Scholar 

  14. Meng, Y., Li, W.: Evaluating the effect of tolerance on click-draw based graphical password scheme. In: Chim, T.W., Yuen, T.H. (eds.) ICICS 2012. LNCS, vol. 7618, pp. 349–356. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  15. Nelson, D.L., Reed, V.S., Walling, J.R.: Pictorial superiority effect. Journal of Experimental Psychology: Human Learning and Memory 2(5), 523–528 (1976)

    Google Scholar 

  16. Passfaces. http://www.realuser.com/

  17. Shepard, R.N.: Recognition memory for words, sentences, and pictures. Journal of Verbal Learning and Verbal Behavior 6(1), 156–163 (1967)

    Article  Google Scholar 

  18. Spitzer, J., Singh, C., Schweitzer, D.: A Security Class Project in Graphical Passwords. Journal of Computing Sciences in Colleges 26(2), 7–13 (2010)

    Google Scholar 

  19. Suo, X., Zhu, Y., Owen, G.S.: Graphical passwords: a survey. In: Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC), pp. 463–472. IEEE Computer Society, USA (2005)

    Google Scholar 

  20. Sun, H., Chen, Y., Fang, C., Chang, S.: PassMap: a map based graphical-password authentication system. In: Proceedings of ASIACCS, pp. 99–100 (2012)

    Google Scholar 

  21. Tao, H., Adams, C.: Pass-Go: A Proposal to Improve the Usability of Graphical Passwords. International Journal of Network Security 2(7), 273–292 (2008)

    Google Scholar 

  22. Thorpe, J., MacRae, B., Salehi-Abari, A.: Usability and security evaluation of geopass: a geographic location-password scheme. In: Proceedings of the 9th Symposium on Usable Privacy and Security (SOUPS), pp. 1–14 (2013)

    Google Scholar 

  23. Wiedenbeck, S., Waters, J., Birget, J.-C., Brodskiy, A., Memon, N.: Passpoints: Design and Longitudinal Evaluation of A Graphical Password System. International Journal of Human-Computer Studies 63(1–2), 102–127 (2005)

    Article  Google Scholar 

  24. Weir, M., Aggarwal, S., Collins, M., Stern, H.: Testing metrics for password creation policies by attacking large sets of revealed passwords. In: Proceedings of CCS, pp. 162–175 (2010)

    Google Scholar 

  25. Yan, J., Blackwell, A., Anderson, R., Grant, A.: Password memorability and security: Empirical results. IEEE Security and Privacy 2, pp. 25-31 (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Infocomm Security Department, Institute for Infocomm Research, Singapore, Singapore

    Weizhi Meng

  2. Department of Computer Science, City University of Hong Kong, Hong Kong, Hong Kong (SAR)

    Weizhi Meng

Authors
  1. Weizhi Meng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Weizhi Meng .

Editor information

Editors and Affiliations

  1. Apt. 2A, NEW YORK, New York, USA

    Meikang Qiu

  2. University of Texas, San Antonio, Texas, USA

    Shouhuai Xu

  3. Dept. of Computer Science, Columbia University, New York, New York, USA

    Moti Yung

  4. University of Otago, Dunedin, New Zealand

    Haibo Zhang

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Meng, W. (2015). RouteMap: A Route and Map Based Graphical Password Scheme for Better Multiple Password Memory. In: Qiu, M., Xu, S., Yung, M., Zhang, H. (eds) Network and System Security. NSS 2015. Lecture Notes in Computer Science(), vol 9408. Springer, Cham. https://doi.org/10.1007/978-3-319-25645-0_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-25645-0_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-25644-3

  • Online ISBN: 978-3-319-25645-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation