TMGMap: Designing Touch Movement-Based Geographical Password Authentication on Smartphones

Weizhi Meng, Zhe Liu*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

Although textual passwords are the most widely adopted authentication method, they are vulnerable to many known limitations. Graphical password is considered as one alternative to complement the existing authentication systems, based on the observation that humans can remember images better than textual information. In order to obtain a large password space, geographical passwords have received much attention, which enable users to select one or more places on a map for authentication. For example, PassMap requires users to choose two places on a world map as their credentials, and GeoPass enables users to click only one place for authentication. However, we identify that users are able to perform more particular gestures like touch movement on mobile devices as compared to a common computer. Motivated by the observation, in this work, we develop TMGMap, a touch movement-based geographical password scheme on smartphones, which allows users to draw their secrets on a world map via touch movement events. We conducted a user study with a total of 60 participants, and found that users could achieve better results with our scheme in the aspects of both security and usability, as compared to similar schemes.
Original languageEnglish
Title of host publicationInformation Security Practice and Experience
PublisherSpringer
Publication date2018
Pages373-390
ISBN (Print)9783319998060
DOIs
Publication statusPublished - 2018
Event14th International Conference on Information Security Practice and Experience - Tokyo Campus, University of Tsukuba, Tokyo, Japan
Duration: 25 Sep 201827 Sep 2018
http://www.risk.tsukuba.ac.jp/ispec2018/

Conference

Conference14th International Conference on Information Security Practice and Experience
LocationTokyo Campus, University of Tsukuba
CountryJapan
CityTokyo
Period25/09/201827/09/2018
Internet address
SeriesLecture Notes in Computer Science
Volume11125
ISSN0302-9743

Keywords

  • Computer Science
  • Systems and Data Security
  • Graphical password
  • Smartphone security
  • User authentication
  • Touch dynamics
  • Biometric authentication

Cite this

Meng, W., & Liu, Z. (2018). TMGMap: Designing Touch Movement-Based Geographical Password Authentication on Smartphones. In Information Security Practice and Experience (pp. 373-390). Springer. Lecture Notes in Computer Science, Vol.. 11125 https://doi.org/10.1007/978-3-319-99807-7_23
Meng, Weizhi ; Liu, Zhe. / TMGMap: Designing Touch Movement-Based Geographical Password Authentication on Smartphones. Information Security Practice and Experience. Springer, 2018. pp. 373-390 (Lecture Notes in Computer Science, Vol. 11125).
@inproceedings{44ca954a6a8f4c8aaf272df4aaa3e9e7,
title = "TMGMap: Designing Touch Movement-Based Geographical Password Authentication on Smartphones",
abstract = "Although textual passwords are the most widely adopted authentication method, they are vulnerable to many known limitations. Graphical password is considered as one alternative to complement the existing authentication systems, based on the observation that humans can remember images better than textual information. In order to obtain a large password space, geographical passwords have received much attention, which enable users to select one or more places on a map for authentication. For example, PassMap requires users to choose two places on a world map as their credentials, and GeoPass enables users to click only one place for authentication. However, we identify that users are able to perform more particular gestures like touch movement on mobile devices as compared to a common computer. Motivated by the observation, in this work, we develop TMGMap, a touch movement-based geographical password scheme on smartphones, which allows users to draw their secrets on a world map via touch movement events. We conducted a user study with a total of 60 participants, and found that users could achieve better results with our scheme in the aspects of both security and usability, as compared to similar schemes.",
keywords = "Computer Science, Systems and Data Security, Graphical password, Smartphone security, User authentication, Touch dynamics, Biometric authentication",
author = "Weizhi Meng and Zhe Liu",
year = "2018",
doi = "10.1007/978-3-319-99807-7_23",
language = "English",
isbn = "9783319998060",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "373--390",
booktitle = "Information Security Practice and Experience",

}

Meng, W & Liu, Z 2018, TMGMap: Designing Touch Movement-Based Geographical Password Authentication on Smartphones. in Information Security Practice and Experience. Springer, Lecture Notes in Computer Science, vol. 11125, pp. 373-390, 14th International Conference on Information Security Practice and Experience, Tokyo, Japan, 25/09/2018. https://doi.org/10.1007/978-3-319-99807-7_23

TMGMap: Designing Touch Movement-Based Geographical Password Authentication on Smartphones. / Meng, Weizhi; Liu, Zhe.

Information Security Practice and Experience. Springer, 2018. p. 373-390 (Lecture Notes in Computer Science, Vol. 11125).

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

TY - GEN

T1 - TMGMap: Designing Touch Movement-Based Geographical Password Authentication on Smartphones

AU - Meng, Weizhi

AU - Liu, Zhe

PY - 2018

Y1 - 2018

N2 - Although textual passwords are the most widely adopted authentication method, they are vulnerable to many known limitations. Graphical password is considered as one alternative to complement the existing authentication systems, based on the observation that humans can remember images better than textual information. In order to obtain a large password space, geographical passwords have received much attention, which enable users to select one or more places on a map for authentication. For example, PassMap requires users to choose two places on a world map as their credentials, and GeoPass enables users to click only one place for authentication. However, we identify that users are able to perform more particular gestures like touch movement on mobile devices as compared to a common computer. Motivated by the observation, in this work, we develop TMGMap, a touch movement-based geographical password scheme on smartphones, which allows users to draw their secrets on a world map via touch movement events. We conducted a user study with a total of 60 participants, and found that users could achieve better results with our scheme in the aspects of both security and usability, as compared to similar schemes.

AB - Although textual passwords are the most widely adopted authentication method, they are vulnerable to many known limitations. Graphical password is considered as one alternative to complement the existing authentication systems, based on the observation that humans can remember images better than textual information. In order to obtain a large password space, geographical passwords have received much attention, which enable users to select one or more places on a map for authentication. For example, PassMap requires users to choose two places on a world map as their credentials, and GeoPass enables users to click only one place for authentication. However, we identify that users are able to perform more particular gestures like touch movement on mobile devices as compared to a common computer. Motivated by the observation, in this work, we develop TMGMap, a touch movement-based geographical password scheme on smartphones, which allows users to draw their secrets on a world map via touch movement events. We conducted a user study with a total of 60 participants, and found that users could achieve better results with our scheme in the aspects of both security and usability, as compared to similar schemes.

KW - Computer Science

KW - Systems and Data Security

KW - Graphical password

KW - Smartphone security

KW - User authentication

KW - Touch dynamics

KW - Biometric authentication

U2 - 10.1007/978-3-319-99807-7_23

DO - 10.1007/978-3-319-99807-7_23

M3 - Article in proceedings

SN - 9783319998060

T3 - Lecture Notes in Computer Science

SP - 373

EP - 390

BT - Information Security Practice and Experience

PB - Springer

ER -

Meng W, Liu Z. TMGMap: Designing Touch Movement-Based Geographical Password Authentication on Smartphones. In Information Security Practice and Experience. Springer. 2018. p. 373-390. (Lecture Notes in Computer Science, Vol. 11125). https://doi.org/10.1007/978-3-319-99807-7_23