216
views
0
recommends
+1 Recommend
1 collections
    0
    shares
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Evaluating the usability and security of a graphical one-time PIN system

      , ,

      Proceedings of HCI 2010 (HCI)

      Human Computer Interaction

      6 - 10 September 2010

      Authentication usage scenarios, graphical passwords, PINs

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Traditional Personal Identification Numbers (PINs) are widely used, but the attacks in which they are captured have been increasing. One-time PINs offer better security, but potentially create greater workload for users. In this paper, we present an independent evaluation of a commercial system that makes PINs more resistant to observation attacks by using graphical passwords on a grid to generate a one-time PIN. 83 participants were asked to register with the system and log in at varying intervals. The successful login rate was approximately 91% after 3-4 days, and 97% after 9-10 days. Twenty five participants were retested after two years, and 27% of those were able to recall their pattern. We recorded 17 instances of failed attempts, and found that even though participants recalled the general shape of the pass-pattern in 13 of these instances, they could not recall its detailed location or sequence of cells. We conclude that GrIDsure is usable if people have one pass-pattern, but the level of security will depend on the context of use (it will work best in scenarios where repeated observations of transactions are unlikely), and the instructions given to users (without guidance, they are likely to chose from a small subset of the possible patterns which are easily guessed).

          Related collections

          Most cited references 3

          • Record: found
          • Abstract: not found
          • Conference Proceedings: not found

          A large-scale study of web password habits

            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            Password memorability and security: empirical results

              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              Measurement of visual memory span by means of the recall of dot-in-matrix patterns

               Shin Ichikawa (1982)
                Bookmark

                Author and article information

                Contributors
                Conference
                September 2010
                September 2010
                : 88-97
                Affiliations
                Department of Computer Science, UCL (University College London)

                Malet Place, London, UK.
                Article
                10.14236/ewic/HCI2010.13
                © Sacha Brostoff et al. Published by BCS Learning and Development Ltd. Proceedings of HCI 2010, University of Abertay, Dundee, UK

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                Proceedings of HCI 2010
                HCI
                24
                University of Abertay, Dundee, UK
                6 - 10 September 2010
                Electronic Workshops in Computing (eWiC)
                Human Computer Interaction
                Product
                Product Information: 1477-9358BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Electronic Workshops in Computing

                Comments

                Comment on this article