How do you get users to make passwords that are simple enough to remember but complex enough that they
can't be guessed? One approach is to use pictures instead of letters, but how do you prevent someone from looking over
their shoulder and stealing their password? Some researchers at Rutgers have come up with a solution to the
"shoulder-surfing" problem. Their graphical passwords require users to choose in advance a set of
"pass-icons" and when they log in to identify three of them on the screen. Rather than clicking on the icons
themselves, though, the user has to click inside the triangle formed by the icons. Combined with multiple challenges,
the researchers claim it's secure. You can download a demo implementation of graphical passwords or check out
screenshots (click on Using the Simulation) at their site, or read more about the technique in The Rutgers Scholar.Graphical passwords for Windows
How do you get users to make passwords that are simple enough to remember but complex enough that they
can't be guessed? One approach is to use pictures instead of letters, but how do you prevent someone from looking over
their shoulder and stealing their password? Some researchers at Rutgers have come up with a solution to the
"shoulder-surfing" problem. Their graphical passwords require users to choose in advance a set of
"pass-icons" and when they log in to identify three of them on the screen. Rather than clicking on the icons
themselves, though, the user has to click inside the triangle formed by the icons. Combined with multiple challenges,
the researchers claim it's secure. You can download a demo implementation of graphical passwords or check out
screenshots (click on Using the Simulation) at their site, or read more about the technique in The Rutgers Scholar.Related Headlines
Add your comments
Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.
When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.
To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br> tags.














Reader Comments (Page 1 of 1)
1-19-2006 @ 2:26PM
Chris Blair said...
They lost me at "install .NET framework". They should have done this as an AJAX app.
Reply
1-19-2006 @ 7:13PM
zztop said...
sure looks like those "pass-icons" were lifted from http://interfacelift.com/icons-mac/sure looks like those "pass-icons" were lifted from http://interfacelift.com/icons-mac/
Reply
4-19-2006 @ 2:21PM
idris said...
how can i download the source code??
Reply