skip to main content
10.1145/1753846.1754139acmconferencesArticle/Chapter ViewAbstractPublication PageschiConference Proceedingsconference-collections
extended-abstract

Input precision for gaze-based graphical passwords

Published: 10 April 2010 Publication History

Abstract

Click-based graphical passwords have been proposed as alternatives to text-based passwords, despite being potentially vulnerable to shoulder-surfing, where an attacker can learn passwords by watching or recording users as they log in. Cued Gaze-Points (CGP) is a graphical password system which defends against such attacks by using eye-gaze password input, instead of mouse-clicks. A first user study revealed that CGP's unique use of eye tracking required special techniques to improve gaze precision. In this paper, we present two enhancements that we developed and tested: a nearest-neighbour gaze-point aggregation algorithm and a 1-point calibration before each password entry. We found that these enhancements made a substantial improvement to users' gaze accuracy and system usability.

References

[1]
D. Ankrum. Viewing distance at computer workstations. Workplace Ergonomics, 2(5):10--12, September-October 1996.
[2]
R. Biddle, S. Chiasson, and P.C. van Oorschot. Graphical passwords: Learning from the first generation. Technical Report TR-09-09, School of Computer Science, Carleton University, December 2009.
[3]
S. Chiasson, P.C. van Oorschot, and R. Biddle. Graphical password authentication using Cued Click Points. In European Symposium On Research In Computer Security (ESORICS), LNCS 4734, pages 359--374, September 2007.
[4]
S. Chiasson, J. Srinivasan, R. Biddle, and P.C. van Oorschot. Centered discretization with application to graphical passwords. In Usability, Psychology, and Security (UPSEC). USENIX, April 2008.
[5]
A. De Luca, M. Denzel, and H. Hussmann. Look into my eyes! Can you guess my password? In 5th Symposium on Usable Privacy and Security (SOUPS). ACM, 2009.
[6]
A. De Luca, R. Weiss, H. Hußmann, and X. An. Eye-Pass -- eye-stroke authentication for public terminals. In SIGCHI Conference on Human Factors in Computing Systems (CHI), pages 3003--3008. ACM, April 2008.
[7]
A. Duchowski. Eye Tracking Methodology: Theory and Practice. Springer, 2nd edition, 2007.
[8]
P. Dunphy, A. Fitch, and P. Olivier. Gaze-contingent passwords at the ATM. In 4th Conference on Communication by Gaze Interaction (COGAIN), 2008.
[9]
A. Forget, S. Chiasson, and R. Biddle. Shoulder-surfing resistance with eye-gaze entry in click-based graphical passwords. In SIGCHI Conference on Human Factors in Computing Systems (CHI). ACM, April 2010.
[10]
R. Jacob and K. Karn. Eye tracking in human-computer interaction and usability research: Ready to deliver the promises. In J. Hyona, R. Radach, and H. Deubel, editors, The Mind's Eye: Cognitive and Applied Aspects of Eye Movement Research, chapter 4 commentary, pages 573--605. Elsevier Science, 2003.
[11]
M. Kumar, T. Garfinkel, D. Boneh, and T. Winograd. Reducing shoulder-surfing by using gaze-based password entry. In 3rd Symposium on Usable Privacy and Security (SOUPS), pages 13--19. ACM, July 2007.
[12]
M. Kumar, J. Klingner, R. Puranik, T. Winograd, and A. Paepcke. Improving the accuracy of gaze input for interaction. In Eye Tracking Research & Applications Symposium (ETRA), pages 65--68. ACM, 2008.
[13]
D. Nelson, V. Reed, and J. Walling. Pictorial superiority effect. Journal of Experimental Psychology: Human Learning and Memory, 2(5):523--528, 1976.
[14]
R. Vertegaal. A Fitts' Law comparison of eye tracking and manual input in the selection of visual targets. In 10th International Conference on Multimodal Interfaces (ICMI), pages 241--248. ACM, 2008.

Cited By

View all
  • (2021)Cross-cultural effects on graphical password memorability and designJournal of Systems and Information Technology10.1108/JSIT-06-2020-0105ahead-of-print:ahead-of-printOnline publication date: 6-Apr-2021
  • (2020)The Role of Eye Gaze in Security and Privacy Applications: Survey and Future HCI Research DirectionsProceedings of the 2020 CHI Conference on Human Factors in Computing Systems10.1145/3313831.3376840(1-21)Online publication date: 21-Apr-2020
  • (2019)Eye gesture blink passwordMultimedia Tools and Applications10.1007/s11042-018-7043-978:12(16861-16885)Online publication date: 31-Jul-2019
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
CHI EA '10: CHI '10 Extended Abstracts on Human Factors in Computing Systems
April 2010
2219 pages
ISBN:9781605589305
DOI:10.1145/1753846
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 April 2010

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. eye tracking
  2. graphical passwords
  3. usable security

Qualifiers

  • Extended-abstract

Conference

CHI '10
Sponsor:

Acceptance Rates

CHI EA '10 Paper Acceptance Rate 350 of 1,346 submissions, 26%;
Overall Acceptance Rate 6,164 of 23,696 submissions, 26%

Upcoming Conference

CHI 2025
ACM CHI Conference on Human Factors in Computing Systems
April 26 - May 1, 2025
Yokohama , Japan

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)2
  • Downloads (Last 6 weeks)0
Reflects downloads up to 19 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2021)Cross-cultural effects on graphical password memorability and designJournal of Systems and Information Technology10.1108/JSIT-06-2020-0105ahead-of-print:ahead-of-printOnline publication date: 6-Apr-2021
  • (2020)The Role of Eye Gaze in Security and Privacy Applications: Survey and Future HCI Research DirectionsProceedings of the 2020 CHI Conference on Human Factors in Computing Systems10.1145/3313831.3376840(1-21)Online publication date: 21-Apr-2020
  • (2019)Eye gesture blink passwordMultimedia Tools and Applications10.1007/s11042-018-7043-978:12(16861-16885)Online publication date: 31-Jul-2019
  • (2017)Surface Recalibration as a New Method Improving Gaze-Based Human-Computer InteractionIntelligent Human Systems Integration10.1007/978-3-319-73888-8_31(197-202)Online publication date: 31-Dec-2017
  • (2017)Discovering Trends for the Development of Novel Authentication Applications for Dementia PatientsInternational Conference on Applications and Techniques in Cyber Security and Intelligence10.1007/978-3-319-67071-3_29(220-237)Online publication date: 21-Oct-2017
  • (2011)Gaze-based password authentication through automatic clustering of gaze points2011 IEEE International Conference on Systems, Man, and Cybernetics10.1109/ICSMC.2011.6084072(2749-2754)Online publication date: Oct-2011
  • (2010)Guessing click-based graphical passwords by eye tracking2010 Eighth International Conference on Privacy, Security and Trust10.1109/PST.2010.5593249(197-204)Online publication date: Aug-2010

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media