Visual Authentication Mechanisms
Rationale
• “Human memory for images is better than for words”
• Human memory for faces in particular is extremely good.
Graphical Cues - Passfaces
• 1 response, 8 distractors
• 4 panels
• High recall rates after long periods of non-use
Passfaces
• Pros
– Good recall rates even after long periods of non-use (95% after one week, ~90% after up to 3 months)
• Cons
– Load on end-system and network
– Takes longer than standard password; not suitable for frequent tasks (see Brostoff & Sasse, 2000)
– Performance plummets when more than one set of faces is used
Graphical cues - Déjà vu
• User creates image portfolio, selecting random art images from a set
• System presents challenge set, user picks correct response
– n portfolio images from set of m distractors
– 1 image from n sets
Déjà vu
• Pros
– Registration is faster than photo
– Better recall rates (90%) after one week than password or PINs (65%) but worse than photo
• Cons
– 70% of random art images are usable – selection must be done by hand
– Registration & login take longer than PINs, passwords, or photographs
– Image files must be stored on trusted and secured server (Kerberos)
Graphical passwords – v-go
User clicks on a selected number of objects in particular order
Single sign-on
• Central service for authentication and changing passwords
• Server- or client-based
• Password-based, graphics-based
– e.g. Passlogix v-go SSO
• www.passlogix.com
• Biometric-based
– e.g. Siemens ID mouse plus ID Centre
• http://www.siemensidmouse.com/
Single sign-on
• Pros
– Reduces number of user_ids and passwords
– Can incorporate policies (e.g. password content and change regimes)
• Cons
– High cost of retro-fitting
– Needs to be very well set up and administered to work (users will have no idea about “downstream” passwords)
– Server-based provides point of failure/vulnerability
Compound Weak Clues
• Pros
– Can use memorable clues
– Can be configured to tolerate some misses
• Cons
– Takes longer than standard login
– Users often still unsure of “correct” answer, e.g.
• “Fake” answers to protect themselves
• Different ways of referring to first school
– Clues are not a secret
Example: Compound Clues in Telephone Banking
Q: Letters 2 and 4 of your password?
A: i, and i
Q: First and last digit of your PIN?
A: 6 and 9
Q: What is your mother’s maiden name?
A: Kummerbund
Q: First school you visited?
A: Ampleforth
Passfaces
• Use homogeneous image sets (same gender, same ethnicity)
• With multiple passwords, different image sets can be used
Compound Weak Clues, v. 2
Q: Your password?
A: indiana
Q: Your PIN?
A: 6789
Q: What is your mother’s maiden name?
A: Kummerbund
Q: First school you visited?
A: Ampleforth
Compound weak clues
• Are clues a secret?
• If not, users may attempt to “fix” this by generating “fake” answers, then have trouble recalling that/how they faked it.
Changes to policies
• Increase number of login attempts
– Many users succeed on 4th, 5th, 6th attempt (see Brostoff & Sasse, 2003)
• Allow usage of same password on several systems
• Decrease frequency of password changes
Personal Entropy (2)
• Reminder: Draw on strong personal memories that are well-established in long-term memory (childhood).
“Choosing good questions is difficult but probably the most important part of the system.”
C. Ellison, C. Hall, R. Milbert & B. Schneier: Protecting secret keys with personal entropy.
Example questions
Q: First song I danced to with an unrelated member of the opposite sex?
Q: First car I wish I could have owned?
Q: First car I drove?
Q: Where was I during my first romantic kiss?
Example questions
1) Response to the sentence “I really like the clever way you ________”
2) (first) (last) (past) (prep) on the timetable
3) (past) (first) (last) in the swimming pool
Custom questions
“It takes considerable time to get into the right frame of mind. However, once in that frame of mind, it is possible to generate prompts at the rate of about 1 per minute.”
C. Ellison, C. Hall, R. Milbert & B. Schneier: Protecting secret keys with personal entropy.
Mnemonic techniques (1)
• Make up sentence to memorise password or PIN
– Personal entropy
– Funny, outrageous content helps to memorise (and prevents disclosure)
– Tie word to name of system or application (especially for owners of multiple passwords)
– Repeat often during day of construction
Examples
• Make up sentence on randomly generated phrase
m,1aNibs0n
• Make up your own phrase
wm”&itMoG
• Abbreviate and contract several words and use SALT
Mnemonic techniques (2)
• Play to users’ memory strength
– Visual (images)
n5us3Ff
– Perceptual-motor (keyboard)
Ydceid[z
– Rhymes, songs, poems
W1’m64
Mnemonic techniques (3)
• Use context as cue or mnemonic
– Physical environment
– Workspace
– People
v-go graphical passwords
Personal Entropy
• Encrypting a password or passphrase using answers to several personal questions.
• Users can forget answers to a subset of questions and still recover the personal key.
– Split long passphrase into several short ones that are independent of each other; effort of guessing equivalent to brute force attack.
– Encrypt each question separately, use personal hints to recover.
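The split-and-encrypt idea on this slide, worked through as an added Python example (not code from the slides or from Ellison et al.'s paper): the personal key is Shamir-shared over a prime field, each share is one-time-padded under a PBKDF2 key derived from one answer, and a hash of the plaintext share lets recovery discard shares unlocked by a wrong or forgotten answer, so any three of four answers suffice. The question texts, the 3-of-4 threshold, the field prime and the KDF parameters are constructed assumptions.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime field for Shamir sharing (constructed choice, not from the paper)

def answer_key(question, answer, salt):
    """Derive a 16-byte key from one Q/A pair; case and spacing are folded so recall is forgiving."""
    folded = " ".join(answer.casefold().split())
    return hashlib.pbkdf2_hmac("sha256", (question + "\0" + folded).encode(), salt, 100_000, 16)

def eval_poly(coeffs, x):
    return sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P

def enrol(secret, qa_pairs, threshold):
    """Split secret (int < P) into one share per question, each one-time-padded under its answer key."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    record = []
    for x, (question, answer) in enumerate(qa_pairs, start=1):
        share = eval_poly(coeffs, x).to_bytes(16, "big")
        salt = secrets.token_bytes(16)
        blob = bytes(a ^ b for a, b in zip(share, answer_key(question, answer, salt)))
        # Hash of the plaintext share lets recovery discard shares unlocked by a wrong answer.
        record.append((question, salt, blob, hashlib.sha256(share).digest()))
    return record

def lagrange_at_zero(points):
    """Reconstruct the polynomial's constant term from threshold (x, y) points."""
    total = 0
    for xi, yi in points:
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num, den = num * -xj % P, den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def recover(record, answers, threshold):
    """Unlock shares with whatever answers the user still remembers; None if too few check out."""
    points = []
    for x, (question, salt, blob, digest) in enumerate(record, start=1):
        if question not in answers:
            continue  # user skipped this question
        share = bytes(a ^ b for a, b in zip(blob, answer_key(question, answers[question], salt)))
        if hashlib.sha256(share).digest() == digest:
            points.append((x, int.from_bytes(share, "big")))
    return lagrange_at_zero(points[:threshold]) if len(points) >= threshold else None

# Constructed demo questions modelled on the slides; any three correct answers recover the key.
QA = [("Mother's maiden name?", "Kummerbund"), ("First school?", "Ampleforth"),
      ("First car I drove?", "Mini"), ("First song I danced to?", "Blue Monday")]
```

Each guess at an answer costs one PBKDF2 derivation, so offline guessing is no cheaper than brute force on the answers themselves, which is the property the slide claims for independent sub-secrets.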
Pro-active password checking
• Purpose: prevent weak passwords
• Regular checks on password file (sysadmin mimics hacker)
• Immediate feedback at registration stage is better
• Feedback should be polite and constructive
• Complex policies on password content + unhelpful password checker = very frustrated user
Exercise
Design a visual authentication system.