Universal multi-factor authentication using graphical passwords

SITIS 2008 - Proceedings of the 4th International Conference on Signal Image Technology and Internet Based Systems

Volumn , Issue , 2008, Pages 625-632

  Sabzevar, Alireza Pirayesh ^a   Stavrou, Angelos ^a  

^a George Mason University   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CELL PHONES; GRAPHICAL PASSWORDS; HAND HELD DEVICES; MULTI-FACTOR AUTHENTICATIONS; SERVICE PROVIDERS; SHOULDER SURFINGS; USER NEEDS;

ACCESS CONTROL; CELLULAR TELEPHONE SYSTEMS; HAND HELD COMPUTERS; INTERNET; SECURITY OF DATA; TELECOMMUNICATION EQUIPMENT;

AUTHENTICATION;

EID: 60349100344     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SITIS.2008.92     Document Type: Conference Paper

References (24)

1. quot;Authentication," in Wikipedia, the free encyclopedi. http://cn.wikipedia.org/wiki/Authentication.
2. quot;Amecisco Inc.," http://www.kcyloggcr.com.
3. G. E. Blonder, "Graphical passwords," US Patent 5,559,961, 1996.
4. N. J. D. Kirovski, and P. Roberts, "Click Passwords," in IFIP International Information Security Conference, 2006.
5. R. Dhamija and A. Perrig, "Déjà Vu: a user study using images for authentication," USENIX Association Berkeley, CA, USA, 2000, pp. 4-4.
6. T. Pering, M. Sundar, J. Light, and R. Want, "Photographic authentication through untrusted terminals," Pervasive Computing, IEEE, vol. 2, pp. 30-36, 2003.
7. S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, "PassPoints: Design and longitudinal evaluation of a graphical password system," International Journal of Human-Computer Studies, vol. 63, pp. 102-127, 2005.
8. D. L. Nelson, Reed, U. S., & Walling, J. R. , "Pictorial superiority effect," Journal of Experimental Psychology: Human Learning & Memory, vol. 2, pp. 523-528, 1976.
9. D. V. Klein, "Foiling the Cracker: A Survey of, and Improvements to, Password Security," Proceedings of the USENIX UNIX Security Workshop, (Portland), pp. 5-14, 1990.
10. V. Roth, K. Richter, and R. Freidinger, "A Pl'N-entry method resilient against shoulder surfing," Proceedings of the 11th ACM conference on Computer and communications security, pp. 236-245, 2004.
11. M. Kumar, T. Garfinkel, D. Boneh, and T. Winograd, "Reducing shoulder-surfing by using gaze-based password entry," Proceedings of the 3rd symposium on Usable privacy and security. pp. 13-19,2007.
12. X. Suo, Y. Zhu, and G. S. Owen, "Graphical Passwords: A Survey," IEEE Computer Society Washington, DC, USA, 2005, pp. 463-472.
13. S. Wiedenbeck, J. Waters, L. Sobrado, and J. C. Birget, "Design and evaluation of a shoulder-surfing resistant graphical password scheme," in Proceedings of the working conference on Advanced visual interfaces, Venezia, Italy, 2006, pp. 177-184.
14. J. Thorpe and P. C. van Oorschot, "Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords," in Proceedings of the 16 thAnnual Usenix Security Symposium, 2007.
15. quot;Positive Networks, the company, PhoneFactor," http://www.phoncfactor.com.
16. D. Geer, "Security technologies go phishing," Computer, vol. 38, pp. 18-21, 2005.
17. quot;SiteKey at Bank of America," in http://www.bankofamerica. com/privacy/sitekey/.
18. S. Chiasson, R. Biddle, and P. C. van Oorschot, "A second look at the usability of click-based graphical passwords," in Proceedings of the 3rd symposium on Usable privacy and securit. Pittsburgh, Pennsylvania 2007, pp. 1-12.
19. quot;Passfaces, the company," http://wvvw.passlaces.coni/.
20. quot;e-surveiller," in http://e-surveiller.com/: SurveilleTech LLC
21. quot;RSA, the company, RSA mobile," in http://www.rsa.com/press- release.aspx?id=1506
22. S. G. M Wu, R Miller "Secure Web Authentication with Mobile Phones," in DIMACS Workshop on Usable Privacy and Security Software, 2004.
23. R. Sharp, J. Scott, and A. Beresford, "Secure mobile computing via public terminals," in Proceedings of the International Conference on Pervasive, Dublin, Ireland, 2006.
24. M. Mannan and P. C. van Oorschot, "Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer," Financial Cryptography and Data Security (FC'07), 2007.