PassShapes: utilizing stroke based authentication to increase password memorability


Authentication today mostly relies on passwords or personal identification numbers (PINs). Therefore the average user has to remember an increasing amount of PINs and passwords. Unfortunately, humans have limited capabilities for remembering abstract alphanumeric sequences. Thus, many people either forget them or use very simple ones, which implies several security risks. In this work, a novel authentication method called PassShapes is presented. In this system users authenticate themselves to a computing system by drawing simple geometric shapes constructed of an arbitrary combination of eight different strokes. We argue that using such shapes will allow more complex and thus more secure authentication tokens with a lower cognitive load and higher memorability. To prove these assumptions, two user studies have been conducted. The memorability evaluation showed that the PassShapes concept is able to increase the memorability when users can practice the PassShapes several times. This effect is even increasing over time. Additionally, a prototype was implemented to conduct a usability study. The results of both studies indicate that the PassShapes approach is able to provide a usable and memorable authentication method.

DOI: 10.1145/1463160.1463202

Extracted Key Phrases

10 Figures and Tables

Citations per Year

76 Citations

Semantic Scholar estimates that this publication has 76 citations based on the available data.

See our FAQ for additional information.

Cite this paper

@inproceedings{Weiss2008PassShapesUS, title={PassShapes: utilizing stroke based authentication to increase password memorability}, author={Roman Weiss and Alexander De Luca}, booktitle={NordiCHI}, year={2008} }