chi as son slides
TRANSCRIPT
-
8/8/2019 Chi as Son Slides
1/12
Accessibility andAccessibility and
Graphical PasswordsGraphical PasswordsSonia Chiasson, Alain Forget, Robert Biddle
Carleton University, Ottawa, Canada
-
8/8/2019 Chi as Son Slides
2/12
Click-based graphical passwordsClick-based graphical passwords
PassPoints
Cued Click-Points
(CCP)
Persuasive CCP (PCCP)
2http://hotsoft.carleton.ca
-
8/8/2019 Chi as Son Slides
3/12
Accessibility?Accessibility?
Inaccessible for some user populations Rely on vision
Rely on fine motor control
1 23
4 5
3http://hotsoft.carleton.ca
-
8/8/2019 Chi as Son Slides
4/12
Content vs PresentationContent vs Presentation
Semantic content should be separated frompresentation modality Same content linked with different modalities
E.g. Cascading Style Sheets in web design
4http://hotsoft.carleton.ca
-
8/8/2019 Chi as Son Slides
5/12
Structure of click-basedStructure of click-based
graphical passwordsgraphical passwords
Presentation: Cue System triggers memory of password
Displays image
Selection: Response User provides secret
Clicks on specific area
5http://hotsoft.carleton.ca
-
8/8/2019 Chi as Son Slides
6/12
Generalized Cue-ResponseGeneralized Cue-Response
Authentication ModelAuthentication Model
Presentation: any cue, any modality Image, text, sound, haptic, video
Response: any user input, any modality Clicking, typing, verbal, gesture, mouse movement
6http://hotsoft.carleton.ca
-
8/8/2019 Chi as Son Slides
7/12
Example: PassSoundsExample: PassSounds
Cue: Music clip What is an acceptable length?
Response: Click at appropriate time How accurate can users be?
Musicians can synchronize at approximately 250ms
How many clicks?
7http://hotsoft.carleton.ca
-
8/8/2019 Chi as Son Slides
8/12
PassSounds: SecurityPassSounds: Security
PassPoints: Image size 451x331
5 clicks
Tolerance 19x19 Theoretical passwordspace 1.2 x 1013 43bits
PassSounds: 30-second clip
5 clicks
Tolerance 1 second
Theoretical passwordspace 1.4 x 105 17bits
8http://hotsoft.carleton.ca
-
8/8/2019 Chi as Son Slides
9/12
Hotspots and PatternsHotspots and Patterns
PassPoints Choose similar
Click-points on animage (hotspots)
Patterns (lines)
Minimize by:
Using several images
Helping selectpasswords
PassSounds Choose points related to
Lyrics
Beats
Sequential order
Minimize by:
Using several clips?
Suggesting clicks? Identifying other
elements in the clip?
9http://hotsoft.carleton.ca
-
8/8/2019 Chi as Son Slides
10/12
AlternativesAlternatives
Any combination of presentation and response Audio
As a cue to trigger behaviour other than click Haptics
As a cue or as input
Allow users to select their preferred modalitiesfor a given system In-progress
Caution: Cue and response cannot be evaluated in isolation
10http://hotsoft.carleton.ca
-
8/8/2019 Chi as Son Slides
11/12
SummarySummary
General cue-response authentication Allows for
separation of cue and response
modalities most appropriate for different users
11http://hotsoft.carleton.ca
-
8/8/2019 Chi as Son Slides
12/12
[email protected]@scs.carleton.ca
http://hotsoft.carleton.ca/securityhttp://hotsoft.carleton.ca/security
http://hotsoft.carleton.ca 12