Abstract
Various graphical passwords have been proposed as an alternative to traditional alphanumeric passwords and Microsoft has applied a graphical scheme in the operating system Windows 8. As a new type of password scheme, potential security problems such as hot-spots may exist. In this paper, we study user choice in Windows 8 graphical password scheme by both lab and field studies and analyze the hot-spots caused by user choice. Our analysis shows that there are many significant hot-spots in the background image when users set their passwords using Microsoft’s guidance. Then, based on the data of field study, we conducted a simulated human-seeded attack to prove our conclusion. The success rate of 66.69% and 54.46% also provide strong proof of the hot-spots in Windows 8 graphical password scheme. Finally, we designed a simulated automated attack and obtained a success rate of 42.86%.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
