Links to external sources may no longer work as intended. The content may not represent the latest thinking in this area or the Society’s current position on the topic.
Graphical passwords: will your doodle keep the hackers away?
University of Newcastle
A password system based on drawings has been developed at the University of Newcastle. Research has shown Background Draw-a-Secret (BDAS) to be more reliable and secure than current password systems that use numbers or words.
'Psychological studies show that people recall images far easier than words or numbers,' explains Jeff Yan, a Computer Scientist at Newcastle. 'So the system helps the common problem of the forgotten password. We developed BDAS on Personal Digital Assistant’s but potentially it could be used for any password-protected system, cash-points and iPhones, for example.'
Background Draw-a-Secret works with a picture over which a five by five grid appears, the user chooses one from a set of pictures and draws a free-form image onto this grid as their password. When the user needs to re-enter their password, they will do this using the underlying picture as a reminder. 'The background picture is key to the technique's success,' says Jeff. 'It encourages people to make their passwords more complicated and less predictable, and helps people re-create them in the correct location.' The image does not need to be exactly the same as the original, making the system very user friendly and flexible.
'Most recently we have introduced random decoy strokes to prevent password images being stolen, and expanded the range of underlying pictures that can be used,' says Jeff.