Securing passfaces for description

Paul Dunphy*, James Nicholson, Patrick Olivier

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

30 Citations (Scopus)

Abstract

One common practice in relation to alphanumeric passwords is to write them down or share them with a trusted friend or colleague. Graphical password schemes often claim the advantage that they are significantly more secure with respect to both verbal disclosure and writing down. We investigated the reality of this claim in relation to the Passfaces graphical password scheme. By collecting a corpus of naturalistic descriptions of a set of 45 faces, we explored participants' ability to associate descriptions with faces across three conditions in which the decoy faces were selected: (1) at random; (2) on the basis of their visual similarity to the target face; and (3) on the basis of the similarity of the verbal descriptions of the decoy faces to the target face. Participants were found to perform significantly worse when presented with visual and verbally grouped decoys, suggesting that Passfaces can be further secured for description. Subtle differences in both the nature of male and female descriptions, and male and female performance were also observed.

Original languageEnglish
Title of host publicationSOUPS 2008 - Proceedings of the 4th Symposium on Usable Privacy and Security
Pages24-34
Number of pages11
DOIs
Publication statusPublished - 2008
Externally publishedYes
Event4th Symposium on Usable Privacy and Security, SOUPS 2008 - Pittsburgh, PA, United States
Duration: 23 Jul 200825 Jul 2008

Publication series

NameSOUPS 2008 - Proceedings of the 4th Symposium on Usable Privacy and Security

Conference

Conference4th Symposium on Usable Privacy and Security, SOUPS 2008
Country/TerritoryUnited States
CityPittsburgh, PA
Period23/07/0825/07/08

Cite this