A security assessment of tiles: a new portfolio-based graphical authentication system

James Nicholson; Paul Dunphy; Lynne Coventry; Pam Briggs; Patrick Olivier

doi:10.1145/2212776.2223737

A security assessment of tiles: a new portfolio-based graphical authentication system

James Nicholson
, Paul Dunphy
, Lynne Coventry
, Pam Briggs
, Patrick Olivier

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In this paper we propose Tiles, a graphical authentication system in which users are assigned a target image and subsequently asked to select segments of that image. We assess the extent to which this system provides protection against two security threats: observation attacks and sharing of authentication credentials in two laboratory-based studies. We note some of the vulnerabilities of the new system but provide evidence that automated manipulation of the similarity of the decoy images can help mitigate the threat from verbal sharing and observation attacks.

Original language	English
Title of host publication	CHI EA '12
Subtitle of host publication	CHI '12 Extended Abstracts on Human Factors in Computing Systems
Place of Publication	New York
Publisher	Association for Computing Machinery (ACM)
Pages	1967-1972
Number of pages	6
ISBN (Print)	9781450310161
DOIs	https://doi.org/10.1145/2212776.2223737
Publication status	Published - 5 May 2012
Externally published	Yes
Event	30th ACM Conference on Human Factors in Computing Systems: It's the experience! - Austin, United States Duration: 5 May 2012 → 10 May 2012 Conference number: 30th https://chi2012.acm.org/index.shtml

Conference

Conference	30th ACM Conference on Human Factors in Computing Systems
Abbreviated title	CHI 2012
Country/Territory	United States
City	Austin
Period	5/05/12 → 10/05/12
Internet address	https://chi2012.acm.org/index.shtml

Keywords

Shoulder surfing
Graphical passwords
Authentication
Usable security
Graphical authentication systems

Access to Document

10.1145/2212776.2223737

Cite this

@inproceedings{a902145cfe8f4e05bca21aaa473a05b0,

title = "A security assessment of tiles: a new portfolio-based graphical authentication system",

abstract = "In this paper we propose Tiles, a graphical authentication system in which users are assigned a target image and subsequently asked to select segments of that image. We assess the extent to which this system provides protection against two security threats: observation attacks and sharing of authentication credentials in two laboratory-based studies. We note some of the vulnerabilities of the new system but provide evidence that automated manipulation of the similarity of the decoy images can help mitigate the threat from verbal sharing and observation attacks.",

author = "James Nicholson and Paul Dunphy and Lynne Coventry and Pam Briggs and Patrick Olivier",

year = "2012",

month = may,

day = "5",

doi = "10.1145/2212776.2223737",

language = "English",

isbn = "9781450310161",

pages = "1967--1972",

booktitle = "CHI EA '12",

publisher = "Association for Computing Machinery (ACM)",

address = "United States",

note = "30th ACM Conference on Human Factors in Computing Systems : It's the experience!, CHI 2012 ; Conference date: 05-05-2012 Through 10-05-2012",

url = "https://chi2012.acm.org/index.shtml",

}

Nicholson, J, Dunphy, P, Coventry, L, Briggs, P & Olivier, P 2012, A security assessment of tiles: a new portfolio-based graphical authentication system. in CHI EA '12: CHI '12 Extended Abstracts on Human Factors in Computing Systems. Association for Computing Machinery (ACM), New York, pp. 1967-1972, 30th ACM Conference on Human Factors in Computing Systems, Austin, Texas, United States, 5/05/12. https://doi.org/10.1145/2212776.2223737

A security assessment of tiles: a new portfolio-based graphical authentication system. / Nicholson, James; Dunphy, Paul; Coventry, Lynne et al.
CHI EA '12: CHI '12 Extended Abstracts on Human Factors in Computing Systems. New York: Association for Computing Machinery (ACM), 2012. p. 1967-1972.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A security assessment of tiles

T2 - 30th ACM Conference on Human Factors in Computing Systems

AU - Nicholson, James

AU - Dunphy, Paul

AU - Coventry, Lynne

AU - Briggs, Pam

AU - Olivier, Patrick

N1 - Conference code: 30th

PY - 2012/5/5

Y1 - 2012/5/5

N2 - In this paper we propose Tiles, a graphical authentication system in which users are assigned a target image and subsequently asked to select segments of that image. We assess the extent to which this system provides protection against two security threats: observation attacks and sharing of authentication credentials in two laboratory-based studies. We note some of the vulnerabilities of the new system but provide evidence that automated manipulation of the similarity of the decoy images can help mitigate the threat from verbal sharing and observation attacks.

AB - In this paper we propose Tiles, a graphical authentication system in which users are assigned a target image and subsequently asked to select segments of that image. We assess the extent to which this system provides protection against two security threats: observation attacks and sharing of authentication credentials in two laboratory-based studies. We note some of the vulnerabilities of the new system but provide evidence that automated manipulation of the similarity of the decoy images can help mitigate the threat from verbal sharing and observation attacks.

U2 - 10.1145/2212776.2223737

DO - 10.1145/2212776.2223737

M3 - Conference contribution

SN - 9781450310161

SP - 1967

EP - 1972

BT - CHI EA '12

PB - Association for Computing Machinery (ACM)

CY - New York

Y2 - 5 May 2012 through 10 May 2012

ER -

A security assessment of tiles: a new portfolio-based graphical authentication system

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this