Preventing Shoulder-Surfing Attack with the Concept of Concealing the Password Objects’ Information
Joint Authors
Por, Lip Yee
Ho, Peng Foong
Kam, Yvonne Hwei-Syn
Wee, Mee Chin
Chong, Yu Nam
Source
Issue
Vol. 2014, Issue 2014 (31 Dec. 2014), pp.1-12, 12 p.
Publisher
Hindawi Publishing Corporation
Publication Date
2014-05-27
Country of Publication
Egypt
No. of Pages
12
Main Subjects
Medicine
Information Technology and Computer Science
Abstract EN
Traditionally, picture-based password systems employ password objects (pictures/icons/symbols) as input during an authentication session, thus making them vulnerable to “shoulder-surfing” attack because the visual interface by function is easily observed by others.
Recent software-based approaches attempt to minimize this threat by requiring users to enter their passwords indirectly by performing certain mental tasks to derive the indirect password, thus concealing the user’s actual password.
However, weaknesses in the positioning of distracter and password objects introduce usability and security issues.
In this paper, a new method, which conceals information about the password objects as much as possible, is proposed.
Besides concealing the password objects and the number of password objects, the proposed method allows both password and distracter objects to be used as the challenge set’s input.
The correctly entered password appears to be random and can only be derived with the knowledge of the full set of password objects.
Therefore, it would be difficult for a shoulder-surfing adversary to identify the user’s actual password.
Simulation results indicate that the correct input object and its location are random for each challenge set, thus preventing frequency of occurrence analysis attack.
User study results show that the proposed method is able to prevent shoulder-surfing attack.
American Psychological Association (APA)
Ho, Peng Foong& Kam, Yvonne Hwei-Syn& Wee, Mee Chin& Chong, Yu Nam& Por, Lip Yee. 2014. Preventing Shoulder-Surfing Attack with the Concept of Concealing the Password Objects’ Information. The Scientific World Journal،Vol. 2014, no. 2014, pp.1-12.
https://search.emarefa.net/detail/BIM-1051281
Modern Language Association (MLA)
Ho, Peng Foong…[et al.]. Preventing Shoulder-Surfing Attack with the Concept of Concealing the Password Objects’ Information. The Scientific World Journal No. 2014 (2014), pp.1-12.
https://search.emarefa.net/detail/BIM-1051281
American Medical Association (AMA)
Ho, Peng Foong& Kam, Yvonne Hwei-Syn& Wee, Mee Chin& Chong, Yu Nam& Por, Lip Yee. Preventing Shoulder-Surfing Attack with the Concept of Concealing the Password Objects’ Information. The Scientific World Journal. 2014. Vol. 2014, no. 2014, pp.1-12.
https://search.emarefa.net/detail/BIM-1051281
Data Type
Journal Articles
Language
English
Notes
Includes bibliographical references
Record ID
BIM-1051281