Bulling, Andreas and Alt, Florian and Schmidt, Albrecht (2012) Increasing the security of gaze-based cued-recall graphical passwords using saliency masks. In: Proceedings of the 2012 ACM annual conference on Human Factors in Computing Systems :. CHI '12 . ACM, New York, pp. 3011-3020. ISBN 978-1-4503-1015-4
Full text not available from this repository.Abstract
With computers being used ever more ubiquitously in situations where privacy is important, secure user authentication is a central requirement. Gaze-based graphical passwords are a particularly promising means for shoulder-surfing-resistant authentication, but selecting secure passwords remains challenging. In this paper, we present a novel gaze-based authentication scheme that makes use of cued-recall graphical passwords on a single image. In order to increase password security, our approach uses a computational model of visual attention to mask those areas of the image that are most likely to attract visual attention. We create a realistic threat model for attacks that may occur in public settings, such as filming the user's interaction while drawing money from an ATM. Based on a 12-participant user study, we show that our approach is significantly more secure than a standard image-based authentication and gaze-based 4-digit PIN entry.