TU Darmstadt / ULB / TUbiblio

Authentication Schemes - Comparison and Effective Password Spaces

Mayer, Peter ; Volkamer, Melanie ; Kauer, Michaela
Prakash, Atul ; Shyamasundar, Rudrapatna (eds.) :

Authentication Schemes - Comparison and Effective Password Spaces.
In: International Conference on Information Systems Security (ICISS), 16-20.12.2014, Hyderabad, India. In: Lecture notes in computer science , 8880 . Springer International Publishing , Berlin, Cham
[ Konferenzveröffentlichung] , (2014)

Kurzbeschreibung (Abstract)

Text passwords are ubiquitous in authentication. Despite this ubiquity, they have been the target of much criticism. One alternative to the pure recall text passwords are graphical authentication schemes. The different proposed schemes harness the vast visual memory of the human brain and exploit cued-recall as well as recognition in addition to pure recall. While graphical authentication in general is promising, basic research is required to better understand which schemes are most appropriate for which scenario (incl. security model and frequency of usage). This paper presents a comparative study in which all schemes are configured to the same effective password space (as used by large Internet companies). The experiment includes both, cued-recall-based and recognition-based schemes. The results demonstrate that recognition-based schemes have the upper hand in terms of effectiveness and cued-recall-based schemes in terms of efficiency. Thus, depending on the scenario one or the other approach is more appropriate. Both types of schemes have lower reset rates than text passwords which might be of interest in scenarios with limited support capacities.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2014
Herausgeber: Prakash, Atul ; Shyamasundar, Rudrapatna
Autor(en): Mayer, Peter ; Volkamer, Melanie ; Kauer, Michaela
Titel: Authentication Schemes - Comparison and Effective Password Spaces
Sprache: Englisch
Kurzbeschreibung (Abstract):

Text passwords are ubiquitous in authentication. Despite this ubiquity, they have been the target of much criticism. One alternative to the pure recall text passwords are graphical authentication schemes. The different proposed schemes harness the vast visual memory of the human brain and exploit cued-recall as well as recognition in addition to pure recall. While graphical authentication in general is promising, basic research is required to better understand which schemes are most appropriate for which scenario (incl. security model and frequency of usage). This paper presents a comparative study in which all schemes are configured to the same effective password space (as used by large Internet companies). The experiment includes both, cued-recall-based and recognition-based schemes. The results demonstrate that recognition-based schemes have the upper hand in terms of effectiveness and cued-recall-based schemes in terms of efficiency. Thus, depending on the scenario one or the other approach is more appropriate. Both types of schemes have lower reset rates than text passwords which might be of interest in scenarios with limited support capacities.

Buchtitel: Information Systems Security : International Conference on Information Systems Security (ICISS)
Reihe: Lecture notes in computer science
Band: 8880
Ort: Berlin, Cham
Verlag: Springer International Publishing
Kollation: 478 Seiten
Freie Schlagworte: Security, Usability and Society;Secure Data;Usable Security; Authentication; Graphical Passwords
Fachbereich(e)/-gebiet(e): 16 Fachbereich Maschinenbau
16 Fachbereich Maschinenbau > Institut für Arbeitswissenschaft (IAD)
20 Fachbereich Informatik
20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra
20 Fachbereich Informatik > SECUSO - Security, Usability and Society
Profilbereiche
Profilbereiche > Cybersicherheit (CYSEC)
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Veranstaltungstitel: International Conference on Information Systems Security (ICISS)
Veranstaltungsort: Hyderabad, India
Veranstaltungsdatum: 16-20.12.2014
Hinterlegungsdatum: 25 Nov 2014 08:23
DOI: 10.1007/978-3-319-13841-1_12
ID-Nummer: TUD-CS-2014-0943
Export:

Optionen (nur für Redakteure)

Eintrag anzeigen Eintrag anzeigen