Composition policies for gesture passwords: User choice, security, usability and memorability
| dc.contributor | Aalto-yliopisto | fi |
| dc.contributor | Aalto University | en |
| dc.contributor.author | Clark, Gradeigh | en_US |
| dc.contributor.author | Lindqvist, Janne | en_US |
| dc.contributor.author | Oulasvirta, Antti | en_US |
| dc.contributor.department | Department of Communications and Networking | en |
| dc.contributor.groupauthor | Helsinki Institute for Information Technology (HIIT) | en |
| dc.contributor.groupauthor | User Interfaces | en |
| dc.contributor.organization | Rutgers, The State University of New Jersey | en_US |
| dc.date.accessioned | 2018-03-16T10:31:11Z | |
| dc.date.available | 2018-03-16T10:31:11Z | |
| dc.date.issued | 2017 | en_US |
| dc.description.abstract | Research on gesture passwords suggest they are highly usable and secure, leading them to be proposed as a strong alternative authentication method for touchscreen devices. However, studies demonstrate that user-chosen gesture passwords are biased towards familiar symbols, increasing the risk of guessing. Prior work on gesture elicitation focuses on creating sets with high overlap, but gesture passwords require solving an inverse problem: minimal overlap between different users. We present the results of the first study (N = 128) of composition policies for gesture passwords, wherein we compare four policies derived from unique properties of gesture passwords. Our main result is that implementing a policy changes user choice, security, usability, and memorability compared to a control group and that the strength of those changes depend on the policies. We report trade-offs among the instruction policies while showing that simple policies cause users to choose stronger and diverse gesture passwords. | en |
| dc.description.version | Peer reviewed | en |
| dc.format.extent | 9 | |
| dc.format.mimetype | application/pdf | en_US |
| dc.identifier.citation | Clark, G, Lindqvist, J & Oulasvirta, A 2017, Composition policies for gesture passwords: User choice, security, usability and memorability. in 2017 IEEE Conference on Communications and Network Security (CNS). IEEE Conference on Communications and Network Security, IEEE, IEEE Conference on Communications and Network Security, Las Vegas, Nevada, United States, 09/10/2017. https://doi.org/10.1109/CNS.2017.8228644 | en |
| dc.identifier.doi | 10.1109/CNS.2017.8228644 | en_US |
| dc.identifier.isbn | 978-1-5386-0684-1 | |
| dc.identifier.isbn | 978-1-5386-0683-4 | |
| dc.identifier.issn | 2474-025X | |
| dc.identifier.other | PURE UUID: 0b2356c6-c181-4f34-8eb3-7ad35101f8d1 | en_US |
| dc.identifier.other | PURE ITEMURL: https://research.aalto.fi/en/publications/0b2356c6-c181-4f34-8eb3-7ad35101f8d1 | en_US |
| dc.identifier.other | PURE FILEURL: https://research.aalto.fi/files/17418533/oulasvirta_et_al_CNS17_gesturepolicies.pdf | en_US |
| dc.identifier.uri | https://aaltodoc.aalto.fi/handle/123456789/30245 | |
| dc.identifier.urn | URN:NBN:fi:aalto-201803161715 | |
| dc.language.iso | en | en |
| dc.relation.ispartof | IEEE Conference on Communications and Network Security | en |
| dc.relation.ispartofseries | 2017 IEEE Conference on Communications and Network Security (CNS) | en |
| dc.relation.ispartofseries | IEEE Conference on Communications and Network Security | en |
| dc.rights | openAccess | en |
| dc.title | Composition policies for gesture passwords: User choice, security, usability and memorability | en |
| dc.type | A4 Artikkeli konferenssijulkaisussa | fi |
| dc.type.version | acceptedVersion |