Abstract
The disadvantages of traditional text-based user authentication methods include the inability to remember lengthy passwords, the ease with which they can be shared, and their susceptibility to a number of security threats, including keyboard tracking, brute force assaults, and shoulder surfing. Map-based passwords are more memorable than text-based passwords. We suggest a map-based user authentication system as a solution to these issues and to increase memorability. A two-stage authentication process is used. In stage one, the password is decided upon using the ID of a street view point panorama on the map. The user must use the formula they have registered to deliver the output for a random input in the second stage of authentication. The system was implemented using Google Maps. In addition to conducting a user study on memorability, security, and usability, we also conducted a usability analysis based on ISO/IEC 25022.












Similar content being viewed by others
Data availability
Data sharing is not applicable to this article as no datasets were generated or analyzed during the current study.
References
Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Proceedings of the 8th USENIX Security Symposium, pp. 200–203 (1999). https://doi.org/10.1109/ICCIIS.2010.35
Wiedenbeck, S., Waters, J., Birget, J.C., Brodskiy, A., Memon, N.: PassPoints: design and longitudinal evaluation of a graphical password system. Int. J. Hum. Comput. Stud. 63(1–2), 102 (2005). https://doi.org/10.1016/j.ijhcs.2005.04.010
Chiasson, S., Van Oorschot, P.C., Biddle, R.: Graphical password authentication using cued click points. In: European Symposium on Research in Computer Security, pp. 359–374. Springer (2007)
Google Street View. https://en.wikipedia.org/wiki/Google_Street_View
Street View. https://developers.google.com/maps/documentation/javascript/streetview
Discover Street View and contribute your own imagery to Google Maps. https://www.google.com/streetview/
KartaView. https://kartaview.org/landing
Mapillary. https://www.mapillary.com/
Maps—Apple. https://www.apple.com/maps/
Combinatorics—How many possible combinations in 8 character password?—Mathematics Stack Exchange. https://math.stackexchange.com/questions/739874/how-many-possible-combinations-in-8- character-password
Database design—What are the lengths of Location Coordinates, latitude and longitude?—Stack Overflow. https://stackoverflow.com/questions/15965166/what-are-the-lengths-of-location-coordinates-latitude-and-longitude
Future Online Password Could be a Map. https://news.yahoo.com/future-online-password-could-map.html
Spitzer, J., Singh, C., Schweitzer, D.: A security class project in graphical passwords. J. Comput. Sci. Coll. 26(2), 7 (2010)
Sun, H.M., Chen, Y.H., Fang, C.C., Chang, S.Y.: PassMap: a map based graphical-password authentication system. In: ASIACCS 2012—7th ACM Symposium on Information, Computer and Communications Security, pp. 99–100 (2012). https://doi.org/10.1145/2414456.2414513
Thorpe, J., MacRae, B., Salehi-Abari, A.: Usability and security evaluation of GeoPass: a geographic location-password scheme. In: Proceedings of the Ninth Symposium on Usable Privacy and Security, pp. 1–14 (2013)
Al-Ameen, M.N., Wright, M.: Multiple-password interference in the geopass user authentication scheme. In: Proc. Workshop Usable Secur. (USEC), pp. 1–6 (2015)
MacRae, B., Salehi-Abari, A., Thorpe, J.: An exploration of geographic authentication schemes. IEEE Trans. Inf. Forensics Secur. 11(9), 1997 (2016)
Shin, J., Kancharlapalli, S., Farcasin, M., Chan-Tin, E.: SmartPass: a smarter geolocation-based authentication scheme. Secur. Commun. Netw. 5(June), 3927–3938 (2015). https://doi.org/10.1002/sec
Meng, W.: RouteMap: a route and map based graphical password scheme for better multiple password memory. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9408, p. 147 (2015). https://doi.org/10.1007/978-3-319-25645-0_10
Funding
The authors did not receive support from any organization for the submitted work.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors have no relevant financial or non-financial interests to disclose.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Mishra, K.C., Dutta, S. A simple and secure user authentication scheme using Map Street View with usability analysis based on ISO/IEC 25022. Int. J. Inf. Secur. 22, 403–415 (2023). https://doi.org/10.1007/s10207-022-00636-0
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-022-00636-0