RSVP a temporal method for graphical authentication

IF 0.5 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING

International Journal of Information Security and Privacy Pub Date : 2017-10-02 DOI:10.1080/15536548.2017.1397263

Ashley A. Cain, J. Still

引用次数: 4

Abstract

ABSTRACT We present a Rapid, Serial, Visual Presentation method (RSVP) for recognition-based graphical authentication. It presents a stream of rapid, degraded images, which makes the object recognition process difficult for casual attackers. Three studies investigated success rates for authenticating, RSVP’s resistance to over-the-shoulder attacks (OSAs), approaches for facilitating learnability, and effects of resetting a passcode. We found that participants could successfully authenticate and could not complete OSAs. Learnability was promoted by the presentation of degraded versions of the images during the memorization phase. When a passcode was reset, participants successfully retrained themselves even when the previous passcode was recycled as distractors.

查看原文本刊更多论文

RSVP是图形身份验证的临时方法

提出了一种快速、串行、可视化的基于识别的图形认证方法(RSVP)。它呈现出一系列快速的、退化的图像，这使得随机攻击者难以识别目标。三项研究调查了身份验证的成功率、RSVP对过肩攻击(osa)的抵抗力、促进易学性的方法以及重置密码的效果。我们发现参与者可以成功验证，但不能完成osa。在记忆阶段，通过呈现图像的降级版本来促进易学性。当重置密码时，参与者成功地重新训练了自己，即使之前的密码被作为干扰物循环使用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Information Security and Privacy COMPUTER SCIENCE, SOFTWARE ENGINEERING-

CiteScore

2.50

自引率

0.00%

发文量

期刊介绍： As information technology and the Internet become more and more ubiquitous and pervasive in our daily lives, there is an essential need for a more thorough understanding of information security and privacy issues and concerns. The International Journal of Information Security and Privacy (IJISP) creates and fosters a forum where research in the theory and practice of information security and privacy is advanced. IJISP publishes high quality papers dealing with a wide range of issues, ranging from technical, legal, regulatory, organizational, managerial, cultural, ethical and human aspects of information security and privacy, through a balanced mix of theoretical and empirical research articles, case studies, book reviews, tutorials, and editorials. This journal encourages submission of manuscripts that present research frameworks, methods, methodologies, theory development and validation, case studies, simulation results and analysis, technological architectures, infrastructure issues in design, and implementation and maintenance of secure and privacy preserving initiatives.