Abstract

Graphical passwords have been demonstrated to be the possible alternatives to traditional alphanumeric passwords. However, they still tend to follow predictable patterns that are easier to attack. The crux of the problem is users’ memory limitations. Users are the weakest link in password authentication mechanism. It shows that baroque music has positive effects on human memorizing and learning. We introduce baroque music to the PassPoints graphical password scheme and conduct a laboratory study in this paper. Results shown that there is no statistic difference between the music group and the control group without music in shortterm recall experiments, both had high recall success rates. But in long-term recall, the music group performed signifi- cantly better. We also found that the music group tended to set significantly more complicated passwords, which are usually more resistant to dictionary and other guess attacks. But compared with the control group, the music group took more time to log in both in short-term and long-term tests. Besides, it appears that background music does not work in terms of hotspots.

Highlights

  • Alphanumeric passwords are widely used in identity authentication to protect users’ privacy

  • (2) Passwords should be secure, i.e. they should be random-looking and should be hard to guess; they should be changed frequently, and should be different for multi-accounts; they should not be written down or stored in plain text. Meeting these conditions is almost impossible for humans, with the result that the use of alphanumeric passwords was putted in dilemma: that long complicated passwords are hard for people to remember, while shorter ones are susceptible to attack

  • We investigate the novel idea of introducing background baroque music to the PassPoints graphical password scheme with the purpose of alleviating users’ memory burden and improving usable security

Read more

Summary

Introduction

Alphanumeric passwords are widely used in identity authentication to protect users’ privacy. (2) Passwords should be secure, i.e. they should be random-looking and should be hard to guess; they should be changed frequently, and should be different for multi-accounts; they should not be written down or stored in plain text. Problem arises because such passwords are expected to meet two conflicting requirements: (1) Passwords should be easy to remember, and the user authentication protocol should be executable quickly and . Meeting these conditions is almost impossible for humans, with the result that the use of alphanumeric passwords was putted in dilemma: that long complicated passwords are hard for people to remember, while shorter ones are susceptible to attack. Users still tend to choose passwords that are memorable in some way, which means that the graphical passwords still tend to follow predictable patterns that are easier for attackers to exploit [4, 16, 23]

Methods
Results
Discussion
Conclusion
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call