P. Andriotis, T. Tryfonas, G. Oikonomou

Abstract:
One of the most popular contemporary graphical password approaches is the Pattern-Lock authentication mechanism that comes integrated with the Android mobile operating system. In this paper we investigate the impact of password strength meters on the selection of a perceivably secure pattern. We first define a suitable metric to measure pattern strength, taking into account the constraints imposed by the Pattern-Lock mechanism's design. We then implement an app via which we conduct a survey for Android users, retaining demographic information of responders and their perceptions on what constitutes a pattern complex enough to be secure. Subsequently, we display a pattern strength meter to the participant and investigate whether this additional prompt influences the user to change their pattern to a more effective and complex one. We also investigate potential correlations between our findings and results of a previous pilot study in order to detect any significant biases on setting a Pattern-Lock.
Reference:
P. Andriotis, T. Tryfonas, G. Oikonomou, "Complexity metrics and user strength perceptions of the pattern-lock graphical authentication method", in Proc. 16th International Conference on Human-Computer Interaction (HCI 2014), ser. Lecture Notes in Computer Science, 8533, pp. 115-126, 2014 (invited)
Bibtex Entry:
@INPROCEEDINGS{Andriotis-2014-hcii,
	author = {Panagiotis Andriotis and Theo Tryfonas and George Oikonomou},
	title = {Complexity metrics and user strength perceptions of the pattern-lock graphical authentication method},
	booktitle = {Proc. 16th International Conference on Human-Computer Interaction (HCI 2014)},
	month = {June},
	year = {2014},
	pages = {115--126},
	series = {Lecture Notes in Computer Science},
	volume = {8533},
	doi = {10.1007/978-3-319-07620-1_11},
	Location = {Crete, Greece},
  gsid = {4519444426843393766},
	note = {invited},
	abstract = {One of the most popular contemporary graphical password approaches is the Pattern-Lock authentication mechanism that comes integrated with the Android mobile operating system. In this paper we investigate the impact of password strength meters on the selection of a perceivably secure pattern. We first define a suitable metric to measure pattern strength, taking into account the constraints imposed by the Pattern-Lock mechanism's design. We then implement an app via which we conduct a survey for Android users, retaining demographic information of responders and their perceptions on what constitutes a pattern complex enough to be secure. Subsequently, we display a pattern strength meter to the participant and investigate whether this additional prompt influences the user to change their pattern to a more effective and complex one. We also investigate potential correlations between our findings and results of a previous pilot study in order to detect any significant biases on setting a Pattern-Lock.},
}
Powered by bibtexbrowser

Complexity metrics and user strength perceptions of the pattern-lock graphical authentication method