skip to main content
10.1145/2414456.2414513acmconferencesArticle/Chapter ViewAbstractPublication Pagesasia-ccsConference Proceedingsconference-collections
research-article

PassMap: a map based graphical-password authentication system

Published: 02 May 2012 Publication History

Abstract

Text passwords have been used in authentication systems for many decades. Users must recall the textual strings selected during registration to pass authentication. However, there are some serious problems with text passwords---recollection and security. Hence, various graphical-password authentication systems have been proposed to solve the problems of text passwords. Previous studies indicate that humans are better at recognizing and recalling images than texts. In 2005, Wiedenbeck et al. proposed PassPoints in which a password consists of a sequence of click-points (5 to 8) that a user chooses on an image. In the paper, we proposed an alternative system in which users can memorize fewer points while providing more security than PassPoints. Based on the idea of using an extremely large image as the password space, we propose a novel world map based graphical-password authentication system called PassMap in which a password consists of a sequence of 2 click-points that a user selects on an large world map. We also conducted a user study for evaluation. The result shows that the passwords of PassMap are easy to memorize for humans and PassMap is friendly to use in practice. Furthermore, PassMap provides higher entropy than PassPoints and also increases the cost of attacks.

References

[1]
R. Biddle, S. Chiasson, and P. van Oorschot. Graphical passwords: Learning from the first twelve years. ACM Computing Surveys (to appear). School of Computer Science, Carleton University, 2010.
[2]
S. Chiasson, A. Forget, E. Stobert, P. Van Oorschot, and R. Biddle. Multiple password interference in text passwords and click-based graphical passwords. In Proceedings of the 16th ACM conference on Computer and communications security, pages 500--511. ACM, 2009.
[3]
I. Jermyn, A. Mayer, F. Monrose, M. K. Reiter, and A. D. Rubin. The design and analysis of graphical passwords. In Proceedings of the 8th conference on USENIX Security Symposium-Volume 8, pages 1--1. USENIX Association, 1999.
[4]
D. Nelson, U. Reed, and J. Walling. Picture superiority effect. Journal of Experimental Psychology: Human Learning and Memory, 3: 485--497, 1977.
[5]
A. Perrig and D. Song. Hash visualization: A new technique to improve real-world security. In International Workshop on Cryptographic Techniques and E-Commerce, pages 131--138. Citeseer, 1999.
[6]
X. Suo, Y. Zhu, and G. Owen. Graphical passwords: A survey. 2005.
[7]
J. Thorpe and P. Van Oorschot. Towards secure design choices for implementing graphical passwords. 2004.
[8]
S. Wiedenbeck, J. Waters, J. Birget, A. Brodskiy, and N. Memon. Passpoints: Design and longitudinal evaluation of a graphical password system. International Journal of Human-Computer Studies, 63(1--2): 102--127, 2005.
[9]
S. Wiedenbeck, J. Waters, L. Sobrado, and J. Birget. Design and evaluation of a shoulder-surfing resistant graphical password scheme. In Proceedings of the working conference on Advanced visual interfaces, pages 177--184. ACM, 2006.

Cited By

View all
  • (2024)Performance Analysis of Authentication System: A Systematic Literature ReviewRecent Advances in Computer Science and Communications10.2174/012666255824653123112111551417:7Online publication date: Oct-2024
  • (2024)A Security Enhanced Android Unlock Scheme Based on Pinch-to-Zoom for Smart DevicesIEEE Transactions on Consumer Electronics10.1109/TCE.2023.328006470:1(3985-3993)Online publication date: Feb-2024
  • (2024)PassFile: Graphical Password Authentication Based on File Browsing RecordsMachine Learning for Cyber Security10.1007/978-981-97-2458-1_3(28-43)Online publication date: 23-Apr-2024
  • Show More Cited By

Index Terms

  1. PassMap: a map based graphical-password authentication system

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      ASIACCS '12: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
      May 2012
      119 pages
      ISBN:9781450316484
      DOI:10.1145/2414456
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 02 May 2012

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. authentication
      2. graphical passwords

      Qualifiers

      • Research-article

      Conference

      ASIA CCS '12
      Sponsor:

      Acceptance Rates

      Overall Acceptance Rate 418 of 2,322 submissions, 18%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)14
      • Downloads (Last 6 weeks)1
      Reflects downloads up to 20 Jan 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2024)Performance Analysis of Authentication System: A Systematic Literature ReviewRecent Advances in Computer Science and Communications10.2174/012666255824653123112111551417:7Online publication date: Oct-2024
      • (2024)A Security Enhanced Android Unlock Scheme Based on Pinch-to-Zoom for Smart DevicesIEEE Transactions on Consumer Electronics10.1109/TCE.2023.328006470:1(3985-3993)Online publication date: Feb-2024
      • (2024)PassFile: Graphical Password Authentication Based on File Browsing RecordsMachine Learning for Cyber Security10.1007/978-981-97-2458-1_3(28-43)Online publication date: 23-Apr-2024
      • (2023)A Graphical Password Scheme Based on Rounded Image SelectionScience of Cyber Security10.1007/978-3-031-45933-7_6(97-114)Online publication date: 21-Nov-2023
      • (2022)Risk-Based AuthenticationHandbook of Research on Mathematical Modeling for Smart Healthcare Systems10.4018/978-1-6684-4580-8.ch009(154-179)Online publication date: 24-Jun-2022
      • (2022)“Pictures are easier to remember than spellings!”International Journal of Child-Computer Interaction10.1016/j.ijcci.2022.10051533:COnline publication date: 1-Sep-2022
      • (2022)A simple and secure user authentication scheme using Map Street View with usability analysis based on ISO/IEC 25022International Journal of Information Security10.1007/s10207-022-00636-022:2(403-415)Online publication date: 5-Dec-2022
      • (2022)ZoomPass: A Zoom-Based Android Unlock Scheme on Smart DevicesScience of Cyber Security10.1007/978-3-031-17551-0_16(245-259)Online publication date: 30-Sep-2022
      • (2022)Double-X: Towards Double-Cross-Based Unlock Mechanism on SmartphonesICT Systems Security and Privacy Protection10.1007/978-3-031-06975-8_24(412-428)Online publication date: 3-Jun-2022
      • (2021)Simple Screen Locking Method Using Randomly Generated Number Grid on ImageResearch Anthology on Securing Mobile Technologies and Applications10.4018/978-1-7998-8545-0.ch012(223-246)Online publication date: 2021
      • Show More Cited By

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Media

      Figures

      Other

      Tables

      Share

      Share

      Share this Publication link

      Share on social media