Graphical Passwords - CUPS (cups.cs.cmu.edu/courses/ups-sp08/slides/040416_graphicalpasswor…)
Outline
• Why are graphical passwords (GP) interesting?
• Theory of password use
• GP security properties
• Types of GP
• Examples and analyses
• Demos
• (bonus from CHI2008)
Exercise time :-)
Meet a couple of new classmates
Glatik Brimol
Exercise material adapted from 05-610 HCI Methods.
Do you have trouble remembering names?
• Heard people say this? “I can’t remember names but I never forget a face.”
• Is this statement accurate? If so, why is it so?
Remember the face you saw on the right?
Draw it
Score your memory
1 point each for
• Round head
• Eyes wide apart
• Big straight nose
• Heart-shaped lips
• Dimple in chin
Your score: 0? 1-2? 3-4? 5?
Do you remember the names? Write down the two names
• Glimok
• Brimol
• Bratik
• Glatik
Your score?
What’s happening? Aren’t faces easier to remember?
• Why were the names easier to remember?
• Was this little demonstration different from remembering names or faces typically?
• Typically:
  • You recall names & recognize faces
• In this demonstration:
  • You recalled faces & recognized names
Recognition vs recall
• A key HCI principle for (GUI) interfaces:
Recognition is easier than recall
• Many graphical password schemes capitalize on this in different ways
Why are graphical passwords interesting?
• Picture Superiority Effect
• Dual coding theory
• Recognition is easier than recall
• Text passwords are hard to remember
• Human memory not “built” for precise recall
Password uses
• Authentication
  • Output is one bit, “yes” or “no”
• Key generation
  • “Seed” for a crypto key generator
  • 80+ bits needed
  • Graphical passwords are not strong enough for this
Security properties of graphical passwords
• Often based on filtering, aggregation and tolerance windows
• Too little entropy for key generation
• Resistant against some attacks
  • Shoulder surfing
  • Sharing, social engineering (pretexting)
• In-place training required to remember
Graphical password types
• Pure recall
  • Draw-a-Secret (DAS)
• Cued recall
  • Blonder, Background-DAS, visKey, PassPoints and other click-point systems
• Recognition
  • (SiteKey,) Passfaces, Déjà vu
Blonder patent
• U.S. patent 5,559,961
• Filed 1995, issued 1996
• Describes graphical password entry as used by the cued recall systems that use a sequence of points
• Unclear if it has prevented commercial deployments
• Patents were cited as a hindrance in the reading chapter on keystroke authentication
“Draw-a-Secret”
• Draw a simple picture on a 2D grid
• Counts edge crossings and “used” squares in grid
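How a DAS drawing becomes a password, as an added example (my code, not the slides' or the DAS authors'): strokes are mapped onto a G x G grid, every edge crossing emits the newly entered cell, a pen-up marker separates strokes, and only the resulting symbol sequence is hashed. The canvas size, the drawing, and the PEN_UP marker are my own constructed choices; the code assumes strokes are sampled densely enough never to skip a cell.

```python
"""Draw-a-Secret (DAS) style encoding of a grid drawing (added example).

A drawing is a list of strokes; each stroke is the (x, y) canvas points
sampled while the pen is down.  The canvas is split into a G x G grid and
a stroke is encoded as the cells it passes through, one symbol per edge
crossing (consecutive samples in the same cell collapse to one symbol),
followed by a pen-up marker.  Only this symbol sequence is hashed, which
is what gives the scheme its tolerance: any drawing that crosses the same
cells in the same order is the same password.
Assumption: samples are dense enough that a stroke never skips a cell.
"""
from hashlib import sha256

PEN_UP = (-1, -1)  # pen-up marker (constructed choice); never a real cell

def to_cell(x, y, size, grid):
    """Map a canvas coordinate (0..size) to a 0-based cell, clamped to the edge."""
    step = size / grid
    return (min(int(x // step), grid - 1), min(int(y // step), grid - 1))

def encode_stroke(points, size, grid):
    cells = []
    for x, y in points:
        cell = to_cell(x, y, size, grid)
        if not cells or cells[-1] != cell:  # a new symbol only on a crossing
            cells.append(cell)
    return cells

def encode_drawing(strokes, size=200, grid=5):
    symbols = []
    for stroke in strokes:
        symbols.extend(encode_stroke(stroke, size, grid))
        symbols.append(PEN_UP)
    return symbols

def das_metrics(symbols):
    """Stroke count, total symbol length and number of distinct 'used' squares."""
    used = {s for s in symbols if s != PEN_UP}
    return {"strokes": symbols.count(PEN_UP), "length": len(symbols),
            "used_squares": len(used)}

def password_digest(symbols):
    """Store a hash of the symbol sequence, never the raw drawing."""
    return sha256(repr(symbols).encode()).hexdigest()

if __name__ == "__main__":
    # Constructed drawing on a 200x200 canvas with a 5x5 grid (40 px cells):
    line = [(x, 20) for x in range(20, 181, 10)]  # top row, left to right
    dot = [(100, 100)]                             # single tap in the centre
    symbols = encode_drawing([line, dot])
    print(symbols)  # [(0,0),(1,0),(2,0),(3,0),(4,0),PEN_UP,(2,2),PEN_UP]
    print(das_metrics(symbols))  # {'strokes': 2, 'length': 8, 'used_squares': 6}
    # The same line drawn 10 px lower crosses the same cells -> same password
    shifted = [(x, 30) for x in range(20, 181, 10)]
    print(password_digest(encode_drawing([shifted, dot])) == password_digest(symbols))
```
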
Passfaces
• Select passfaces from a set of faces (3x3 grid, 1 correct, 8 fakes)
• “Facebook edition”
• Security?
visKey / visKeeper
• Application to store bank account details, passwords, contacts, and other private info
• Click on hotspots in a given order
• User-definable tolerance
• Claims to encrypt data, but where does the key come from?
Security: shoulder surfing
F. Tari, A. Ozok, and S. Holden. A Comparison of Perceived and Real Shoulder-surfing Risks Between Alphanumeric and Graphical Passwords. In Proceedings of the Symposium On Usable Privacy and Security 2006, Pittsburgh, PA, July 12-14, 2006.
Click point tolerance and image choice
• Trial with 10x10, 14x14 tolerance squares
• 10x10 was fine
• Few significant differences between different images
• ... but different images have different numbers of “hotspots”, affecting security
S. Wiedenbeck, J. Waters, J. Birget, A. Brodskiy, and N. Memon. Authentication Using Graphical Passwords: Effects of Tolerance and Image Choice. In Proceedings of the Symposium On Usable Privacy and Security 2005, Pittsburgh, PA, July 6-8, 2005.
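The tolerance-square idea from this slide, plus the "80+ bits needed for key generation" and Passfaces (3x3 grid, 1 correct) points from earlier slides, worked through as an added example (my code, not from the slides or from any of the cited systems): clicks are quantised into tolerance squares before hashing, and the resulting password space is compared against the key-generation threshold. The image size, click positions and round counts are constructed values; the plain-grid discretisation is a simplification I chose.

```python
"""Click-point tolerance and password-space estimates (added example).

A click-based scheme (PassPoints, visKey) cannot hash raw pixel
coordinates, because nobody re-clicks the exact same pixel.  The usual fix
is to quantise each click into a tolerance square of side TOL and hash the
ordered sequence of squares; the square size trades usability against
password space.  All sizes and positions below are constructed.
"""
from hashlib import sha256
from math import log2

KEY_BITS_NEEDED = 80  # the slides' threshold for use as key material

def quantise(click, tol):
    """Tolerance square containing the click (plain grid discretisation).
    A click just across a square boundary lands in the neighbouring square;
    the PassPoints literature uses a 'robust discretisation' to avoid that
    edge effect, which this simplified grid omits."""
    x, y = click
    return (x // tol, y // tol)

def click_digest(clicks, tol):
    """Hash the ordered squares: order matters, exact pixels do not."""
    squares = [quantise(c, tol) for c in clicks]
    return sha256(repr((tol, squares)).encode()).hexdigest()

def verify(stored, clicks, tol):
    return click_digest(clicks, tol) == stored

def passpoints_bits(width, height, tol, n_clicks):
    """Upper bound on password space, assuming every square is equally likely.
    Real users cluster on a few hotspots, so the effective figure is lower."""
    squares = (width // tol) * (height // tol)
    return n_clicks * log2(squares)

def passfaces_bits(rounds, faces_per_round=9):
    """One correct face among 9 (3x3 grid, 8 decoys) per round."""
    return rounds * log2(faces_per_round)

def usable_for_key(bits):
    return bits >= KEY_BITS_NEEDED

if __name__ == "__main__":
    enrol = [(123, 45), (300, 210), (57, 280)]  # constructed enrolment clicks
    stored = click_digest(enrol, 10)
    print(verify(stored, [(127, 41), (304, 216), (51, 289)], 10))  # True: same squares
    print(verify(stored, [(300, 210), (123, 45), (57, 280)], 10))  # False: wrong order
    # Password space for 5 clicks on a constructed 400x300 image vs 5 Passfaces rounds
    for label, bits in [("PassPoints 10x10", passpoints_bits(400, 300, 10, 5)),
                        ("PassPoints 14x14", passpoints_bits(400, 300, 14, 5)),
                        ("Passfaces x5", passfaces_bits(5))]:
        print(f"{label}: {bits:.1f} bits, usable as key: {usable_for_key(bits)}")
```
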
Background Draw a Secret (BDAS)
• DAS grid + background image
• BDAS passwords were 10 bits more complex than DAS passwords
• User drawings in the BDAS group show:
  • increased complexity
  • reduced reliance on global symmetry
  • reduced reliance on centering drawings
Dunphy, P. and Yan, J. 2007. Do background images improve "draw a secret" graphical passwords? In Proceedings of the 14th ACM Conference on Computer and Communications Security (Alexandria, Virginia, USA, October 28 - 31, 2007). CCS '07. ACM, New York, NY, 36-47.
BDAS: image choices
BDAS: memory decay
Multiple graphical passwords
Chiasson, S., Biddle, R., and van Oorschot, P. C. 2007. A second look at the usability of click-based graphical passwords. In Proceedings of the 3rd Symposium on Usable Privacy and Security (Pittsburgh, Pennsylvania, July 18 - 20, 2007). SOUPS '07, vol. 229. ACM, New York, NY, 1-12.
Modeling user choice with image analysis
Dirik, A. E., Memon, N., and Birget, J. 2007. Modeling user choice in the PassPoints graphical password scheme. In Proceedings of the 3rd Symposium on Usable Privacy and Security (Pittsburgh, Pennsylvania, July 18 - 20, 2007). SOUPS '07, vol. 229. ACM, New York, NY, 20-28.
Application demos
• visKeeper
• Passfaces Personal (Windows)
• Passfaces on web
Bonus
• Undercover: Authentication Usable in Front of Prying Eyes
• A separate visible and hidden challenge
Sasamoto, H., Christin, N., and Hayashi, E. 2008. Undercover: Authentication Usable in Front of Prying Eyes. CHI 2008.