Abstract
Graphical authentication schemes offer a more memorable alternative to conventional passwords. One common criticism of graphical passcodes is the risk of observation by unauthorized onlookers. This type of threat is referred to as an Over-the-Shoulder Attack (OSA). A strategy to prevent casual OSAs is to distort the images, making them difficult for onlookers to recognize. Critically, the distortion should not harm legitimate users’ ability to recognize their passcode images. If designers select the incorrect amount of distortion, the passcode images could become vulnerable to attackers, or the images could become unrecognizable to users, rendering the system useless for authentication. We suggest that graphical authentication designers can distort images at brushstroke size 10 for a 112 × 90-pixel image to maintain user recognition and decrease casual OSAs. We also present mathematical equations that explicitly communicate the image distortion process, to facilitate implementation of this OSA-resistant approach.
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Tiller, L.N., Cain, A.A., Potter, L.N., Still, J.D. (2019). Graphical Authentication Schemes: Balancing Amount of Image Distortion. In: Ahram, T., Nicholson, D. (eds) Advances in Human Factors in Cybersecurity. AHFE 2018. Advances in Intelligent Systems and Computing, vol 782. Springer, Cham. https://doi.org/10.1007/978-3-319-94782-2_9
DOI: https://doi.org/10.1007/978-3-319-94782-2_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-94781-5
Online ISBN: 978-3-319-94782-2
eBook Packages: Intelligent Technologies and Robotics (R0)