Abstract
Passwords are used in the vast majority of computer and communication systems for authentication. The greater security and memorability of graphical passwords make them a possible alternative to traditional textual passwords. In this paper we propose a new graphical password scheme called YAGP, which is an extension of the Draw-A-Secret (DAS) scheme. The main difference between YAGP and DAS is soft matching. The concepts of the stroke-box, image-box, trend quadrant, and similarity are used to describe the images characteristics for soft matching. The reduction in strict user input rules in soft matching improves the usability and therefore creates a great advantage. The denser grid granularity enables users to design a longer password, enlarging the practical password space and enhancing security. Meanwhile, YAGP adopts a triple-register process to create multi-templates, increasing the accuracy and memorability of characteristics extraction. Experiments illustrate the effectiveness of YAGP.
Similar content being viewed by others
References
Adams A, Sasse M A. Users are not the enemy: Why users compromise computer security mechanisms and how to take remedial measures. Communications of the ACM, 1999, 42(12): 41–46.
Zhang Y D, Tang S, Li J T. Secure and incidental distortion tolerant digital signature for image authentication. Journal of Computer Science and Technology, 2007, 22(4): 618–625.
Paivio A, Rogers T B, Smythe P C. Why are pictures easier to recall than words? Psychonomic Science, 1968, 11(4): 137–138.
Zhang H B, Yang C, Quan X M. Image authentication based on digital signature and semi-fragile watermarking. Journal of Computer Science and Technology, 2004, 19(6): 752–759.
Jermyn I, Mayer A, Monrose F, Reiter M K, Rubin A D. The design and analysis of graphical passwords. In Proc. the 8th USENIX Security Symposium, Washington, USA, August 23–26, 1999, pp.1-15.
Tian J, Li L, Yang X. Fingerprint-based identity authentication and digital media protection in network environment. Journal of Computer Science and Technology, 2006, 21(5): 861–870.
Dunphy P, Yan J. Do background images improve “draw a secret” graphical passwords? In Proc. the 14th ACM Conference on Computer and Communications Security (CCS 2007), Alexandria, USA, Oct. 29-Nov. 2, 2007, pp.36-47.
Lin D, Dunphy P, Olivier P, Yan J. Graphical passwords & qualitative spatial relations. In Proc. the 3rd Symposium on Usable Privacy and Security, Pittsburgh, USA, July 18–20, 2007, pp.161-162.
Tao H, Adams C. Pass-Go: A proposal to improve the usability of graphical passwords. International Journal of Network Security, 2008, 7(2): 273–292.
Android. http://code.google.com/android, January 15, 2011.
Gao H C, Guo X W, Chen X P, Wang L M, Liu X Y. YAGP: Yet another graphical password strategy. In Proc. the 24th Annual Computer Security Applications Conference (ACSAC2008), California, USA, Aug. 8–12, 2008, pp.121-129.
Levenshtein V I. Binary codes capable of correcting deletions, insertions, and reversals. Soviet Physics Doklady, 1966, 10(8): 707–710.
Blonder G E. Graphical passwords. In Lucent Technologies, Inc., U.S. Patent 5559961, 1996.
Dhamija R, Perrig A. Déjà Vu: A user study using images for authentication. In Proc. the 9th USENIX Security Symposium, Denver, USA, August 14–17, 2000, pp.45-58.
Passfaces. http://www.realuser.com, January 15, 2011.
Wiedenbeck S, Waters J, Birget J C, Brodskiy A, Memon N. Authentication using graphical passwords: Basic results. In Proc. the 11th Human-Computer Interaction International, Las Vegas, USA, July 22–27, 2005, pp.1-10.
Biddle R, Chiasson S, van Oorschot P. Graphical passwords: Learning from the first twelve years. School of Computer Science, Carleton University, TechnicalReport TR-11-01, Jan. 4, 2011.
Suo X, Zhu Y, Owen G S. Graphical passwords: A survey. In Proc. the 21st Annual Computer Security Applications Conference (ACSAC2005),Arizona, USA, Dec. 5–9, 2005, pp.463-472.
Chalkias K, Alexiadis A, Stephanides G. A multi-grid graphical password scheme. In Proc. the 6th International Conference on Artificial Intelligence and Digital Communications (AIDC 2006), Thessaloniki, Greece, Aug. 18–20, 2006, pp.80-90.
Thorpe J, van Oorschot P C. Graphical dictionaries and the memorable space of graphical passwords. In Proc. the 13th USENIX Security Symposium, San Diego, USA, August 9–13, 2004, pp.1-16.
Author information
Authors and Affiliations
Corresponding author
Additional information
This work is supported by the National Natural Science Foundation of China under Grant No. 60903198. A preliminary version of this work appears in the Proceedings of the 24th Annual Computer Security Applications Conference.
Electronic Supplementary Material
Below is the link to the electronic supplementary material.
Rights and permissions
About this article
Cite this article
Liu, XY., Gao, HC., Wang, LM. et al. An Enhanced Drawing Reproduction Graphical Password Strategy. J. Comput. Sci. Technol. 26, 988–999 (2011). https://doi.org/10.1007/s11390-011-1195-7
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11390-011-1195-7