A Novel Cue based Picture Word Shape Character Password Creation Scheme

A Novel Cue based Picture Word Shape Character Password Creation Scheme

Kevin Curran (Ulster University, Londonderry, UK) and Andrew Snodgrass (Ulster University, Londonderry, UK)
Copyright: © 2015 |Pages: 23
DOI: 10.4018/IJDCF.2015070103
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

The number of internet users is growing at a rapid rate and this means users now have to remember passwords for many different accounts. The side effects of this increase of user accounts is that users are putting password usability before password security in order to remember these passwords. This paper outlines a novel password creation scheme for creating strong, secure unique passwords that are easier for users to remember on multiple sites. The scheme includes features to more easily create a secure password and recall this password, whilst including multiple layers of security against a targeted attack by an adversary. Results showed that users who did not use a scheme had a much lower login success rate for their accounts than the users who used the created scheme. They also showed that the average password length for each group of users was the same meaning the created scheme passwords in this sample has no greater protection against brute-force attacks, but in terms of dictionary and hybrid attacks the scheme passwords generally seemed to have a lot more protection.
Article Preview

2. Passwords

A password “is a secret (typically a character string) that a claimant uses to authenticate its identity” (Scarfone and Souppaya, 2009). Passwords are the first line of defence in many information systems and this highlights the importance of password security, but Taneski et al. (2014) concluded that “the computer community has not made a very much-needed shift in password management for more than 35 years”. Over thirty years ago, Morris and Thompson (1979) found that the majority of user’s passwords were too short, contained only lower case letters or digits, and were easily found in dictionaries. Looking at information released recently it can be seen that little has changed. SplashData (2014), a company that develops password management applications, compiles a list of the most commonly used passwords and posts this annually. In 2013, the top password was “123456” followed closely by “password”, “admin”, and “monkey”, to list a few other examples. These passwords provide little protection as they can be guessed very easily and despite increased advice on password creation with the multitude of user accounts today, users still tend to create weak passwords. With the large increase in internet connected users in recent years, the number of online accounts has grown rapidly. Many of these accounts such as email, social networks, and online banking contain personal information meaning password security should not be a compromise. As well as multiple online accounts, users may have to create and remember passwords for a growing number of devices such as their PCs, tablets, and phones.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 9: 4 Issues (2017)
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing