Communications of the ACM
Google Android Authentication
I recently saw a Google Android phone at HotMobile 2009, and was intrigued by the drawing-based authentication mechanism built in.
Basically, there's a 3x3 grid of dots, and to log in, you simply use your finger and draw a pattern across these dots, using each dot at most once.
Here is a YouTube video that nicely shows the Android authentication technique.
Passwords are a popular topic of research in usable privacy and security, due to problems with people remembering so many different passwords. Passwords worked well when we only had one or two of them, but don't work very well now that we have dozens of them. Text-based passwords also don't work well in situations where text input is slow, as is the case with most mobile phones.
The idea of drawing a password has been around for a while.
For example, Draw-A-Secret lets you sketch images on a grid, using that as authentication. A variant of this is PassPoints (link to PDF), which lets
people select points on a background image to login. It's good to see ideas from research starting to transfer over to products, one of my perennial laments about academic research.
One very nice property of Android's authentication scheme is that it makes use of muscle memory, making it easier for people to remember their passwords. There is also a spatial memory aspect too, in that people can create a visual pattern that is likely to be easier than text-based passwords to remember.
However, one concern unique to Android's implementation is using fingers on a glass screen. Unless people wipe their screen after logging in, it will be easy to see what a person's pattern is, just by angling the phone so that light is reflected in the right way to see the oil marks left by the user's finger.
Another concern is shoulder surfing. Your pattern is shown as you draw it, making it easy for a person sitting next to you to see your pattern, as I did when I first saw someone using it. I'd also be willing to bet that there's also a bias in drawing-based passwords created by right-handed and left-handed people.
The biggest question, though, is how well these drawing-based passwords work once we have a lot of them. I use a password manager to store all of my text passwords (I have more than 100 different passwords), but there isn't a common scheme yet for drawing-based passwords, making it hard to store them in a safe manner.
So in short, while I think that there's a lot of potential to drawing-based and graphical-based approaches to authentication, they are likely to only appear in niche cases because despite all of the problems with text-based passwords, text-based passwords are good enough for most situations.
Comments
Marti Hearst
Jason, thanks for the breaking-news update on this kind of password entering technology. I do wonder about the shoulder-surfing question; on the iPhone their methods for entering passwords seem highly vulnerable (each letter is shown in clear text as you type, and then is converted to a dot, plus it is easy for someone to see the virtual keypad), and is often used in public.
Displaying 1 comment