The Effect of Baroque Music on the Passpoints Graphical Password

Haichang Gao,Uwe Aickelin,Xiuling Chang,Zhongjie Ren,Xiyang Liu

doi:10.2139/ssrn.2830296

Haichang Gao, Uwe Aickelin + Show 3 more

Open Access

https://doi.org/10.2139/ssrn.2830296

Copy DOI

Abstract

Graphical passwords have been demonstrated to be the possible alternatives to traditional alphanumeric passwords. However, they still tend to follow predictable patterns that are easier to attack. The crux of the problem is users’ memory limitations. Users are the weakest link in password authentication mechanism. It shows that baroque music has positive effects on human memorizing and learning. We introduce baroque music to the PassPoints graphical password scheme and conduct a laboratory study in this paper. Results shown that there is no statistic difference between the music group and the control group without music in shortterm recall experiments, both had high recall success rates. But in long-term recall, the music group performed signifi- cantly better. We also found that the music group tended to set significantly more complicated passwords, which are usually more resistant to dictionary and other guess attacks. But compared with the control group, the music group took more time to log in both in short-term and long-term tests. Besides, it appears that background music does not work in terms of hotspots.

Highlights

Alphanumeric passwords are widely used in identity authentication to protect users’ privacy
(2) Passwords should be secure, i.e. they should be random-looking and should be hard to guess; they should be changed frequently, and should be different for multi-accounts; they should not be written down or stored in plain text. Meeting these conditions is almost impossible for humans, with the result that the use of alphanumeric passwords was putted in dilemma: that long complicated passwords are hard for people to remember, while shorter ones are susceptible to attack
We investigate the novel idea of introducing background baroque music to the PassPoints graphical password scheme with the purpose of alleviating users’ memory burden and improving usable security

Summary

Introduction

Alphanumeric passwords are widely used in identity authentication to protect users’ privacy. (2) Passwords should be secure, i.e. they should be random-looking and should be hard to guess; they should be changed frequently, and should be different for multi-accounts; they should not be written down or stored in plain text. Problem arises because such passwords are expected to meet two conflicting requirements: (1) Passwords should be easy to remember, and the user authentication protocol should be executable quickly and . Meeting these conditions is almost impossible for humans, with the result that the use of alphanumeric passwords was putted in dilemma: that long complicated passwords are hard for people to remember, while shorter ones are susceptible to attack. Users still tend to choose passwords that are memorable in some way, which means that the graphical passwords still tend to follow predictable patterns that are easier for attackers to exploit [4, 16, 23]

Methods

Results

Discussion

Conclusion