An Experiment to Evaluate IoT Application Security Scheme (IoTGazePass)

Abstract

IoTGazePass is a new password scheme that has been designed to tackle the weaknesses of existing types of passwords. It is intended to be suitable for IoT applications. An experiment was conducted to evaluate the strengths and weaknesses of the IoTGazePass scheme (e.g., security, usability and memorability). The evaluation aspects include a comparison with traditional textual and graphical based passwords in terms of memorability and security of the passwords. The results of the evaluation indicate that the IoTGazePass scheme is easy to use, memorable and flexible, as it can generate strong, secure and scalable passwords. The experiment results have also showed that the IoTGazePass scheme have good ability to deal with shoulder surfing attacks. In fact, the experiment results lead to some recommendations and suggestions to improve the planned performance.