Biometric authentication is gradually replacing knowledge-based methods on mobile devices. However, Personal Identification Numbers, passcodes, and graphical password schemes such as the Android Pattern Unlock (APU) are often the primary means of authentication, or they constitute an auxiliary (or backup) method to be used in case biometrics fail. Passcodes need to be memorable to be usable, hence users tend to choose easy-to-guess passwords, compromising security. The APU is a great example of a popular and usable graphical password scheme which can be easily compromised by exploiting common and predominant human behavioral traits. Despite its vulnerabilities, the scheme's popularity has led researchers to propose adjustments and variations that enhance security but maintain its familiar user interface. Nevertheless, prior work demonstrated that improving security while preserving usability frequently remains a hard task. In this paper we propose a novel graphical password scheme built on the foundations of the well-accepted APU method, which is usable, inclusive, universal, and robust against shoulder surfing and smudge attacks. Our scheme, named Bu-Dash, features a dynamic user interface that mutates every time a user swipes the screen. Our pilot studies illustrate that Bu-Dash attracts positive user acceptance rates and maintains acceptable usability levels.
CITATION STYLE
Andriotis, P., Kirby, M., & Takasu, A. (2022). Bu-Dash: A Universal and Dynamic Graphical Password Scheme. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 13333 LNCS, pp. 209–227). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-05563-8_14