On quantifying the effective password space of grid-based unlock gestures

Zezschwitz, E. von; Eiband, M.; Buschek, D.; Oberhuber, S.; Luca, A. de; Alt, F.; Hussmann, H.

2016

Konferenzbeitrag

Abstract

We present a similarity metric for Android unlock patterns to quantify the effective password space of user-defined gestures. Our metric is the first of its kind to reflect that users choose patterns based on human intuition and interest in geometric properties of the resulting shapes. Applying our metric to a dataset of 506 user-defined patterns reveals very similar shapes that only differ by simple geometric transformations such as rotation. This shrinks the effective password space by 66% and allows informed guessing attacks. Consequently, we present an approach to subtly nudge users to create more diverse patterns by showing background images and animations during pattern creation. Results from a user study (n = 496) show that applying such countermeasures can significantly increase pattern diversity. We conclude with implications for pattern choices and the design of enrollment processes.

Author(s)

Zezschwitz, E. von

Eiband, M.

Buschek, D.

Oberhuber, S.

Luca, A. de

Alt, F.

Hussmann, H.

Hauptwerk

15th International Conference on Mobile and Ubiquitous Multimedia, MUM 2016. Proceedings

Konferenz

International Conference on Mobile and Ubiquitous Multimedia (MUM) 2016

Options

On quantifying the effective password space of grid-based unlock gestures