Various graphical passwords have been proposed as an alternative to traditional alphanumeric passwords and Microsoft has applied a graphical scheme in the operating system Windows 8. As a new type of password scheme, potential security problems such as hot-spots may exist. In this paper, we study user choice in Windows 8 graphical password scheme by both lab and field studies and analyze the hot-spots caused by user choice. Our analysis shows that there are many significant hot-spots in the background image when users set their passwords using Microsoft's guidance. Then, based on the data of field study, we conducted a simulated human-seeded attack to prove our conclusion. The success rate of 66.69% and 54.46% also provide strong proof of the hot-spots in Windows 8 graphical password scheme. Finally, we designed a simulated automated attack and obtained a success rate of 42.86%. © Springer International Publishing Switzerland 2013.
CITATION STYLE
Gao, H., Jia, W., Liu, N., & Li, K. (2013). The hot-spots problem in windows 8 graphical password scheme. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8300 LNCS, pp. 349–362). https://doi.org/10.1007/978-3-319-03584-0_26
Mendeley helps you to discover research relevant for your work.