October 22nd, 2014

Graphical Passwords

The Graphical Passwords Project is an interesting alternative to the “typed” passwords we are all used to. “The idea of graphical passwords is to let the user click (with a mouse or a stylus) on a few chosen regions in an image that appears on the screen”. So if you click on the right regions, you are in! I have to agree that clicking on Pamela Anderson’s photo for the password is a lot more exciting compared to typing long strings of ASCII. However, graphical passwords are still vulnerable to shoulder-surfing, brute-force, and dictionary attacks (well, not exactly dictionary, but we all know that selecting images of nipples for passwords will soon be in the top 10 commonly used graphical passwords). This paper offers a few solutions to this problem, like the use of randomly generated images or numbers and the use of image selection techniques not easily registered by malicious code (like dragging icons on the screen). If you would like to mess around with graphical passwords, then there is a .NET Graphical Password Simulation application to experiment and learn about this password scheme.
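An added example, not code from the Graphical Passwords Project or the simulation application mentioned above: a minimal click-point verifier in Python that stores only a salted hash of the clicked regions and reports the theoretical size of the search space. The tolerance, click count, image size, function names, and the choice of centered discretization with PBKDF2 are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import os

TOLERANCE = 10  # assumed: a click within 10 px of the enrolled point is accepted
CLICKS = 5      # assumed number of click points per password

def _cells(points, offsets):
    # Map each click to a (2*TOLERANCE)-wide cell, shifted by its stored offset.
    side = 2 * TOLERANCE
    return [((x - ox) // side, (y - oy) // side)
            for (x, y), (ox, oy) in zip(points, offsets)]

def _digest(cells, salt):
    data = ",".join(f"{cx}:{cy}" for cx, cy in cells).encode()
    return hashlib.pbkdf2_hmac("sha256", data, salt, 100_000)

def enroll(points):
    # Centered discretization: choose a per-click grid offset so the enrolled
    # point sits in the middle of its cell. This avoids the edge problem, where
    # a click one pixel off lands in a neighbouring cell and is rejected.
    side = 2 * TOLERANCE
    offsets = [((x - TOLERANCE) % side, (y - TOLERANCE) % side) for x, y in points]
    salt = os.urandom(16)
    # Offsets are stored in the clear; the cell indices are only stored hashed.
    return {"salt": salt, "offsets": offsets,
            "hash": _digest(_cells(points, offsets), salt)}

def verify(record, points):
    if len(points) != len(record["offsets"]):
        return False
    candidate = _digest(_cells(points, record["offsets"]), record["salt"])
    return hmac.compare_digest(candidate, record["hash"])

def search_space_bits(width, height, clicks=CLICKS):
    # Upper bound only: it assumes every cell of the image is equally likely.
    side = 2 * TOLERANCE
    cells = math.ceil(width / side) * math.ceil(height / side)
    return clicks * math.log2(cells)

if __name__ == "__main__":
    # Constructed sample click points on an assumed 640x480 image.
    secret = [(50, 60), (200, 120), (310, 45), (400, 300), (120, 410)]
    record = enroll(secret)
    print(verify(record, [(x + 7, y - 8) for x, y in secret]))  # near miss
    print(round(search_space_bits(640, 480), 1), "bits at most")
```

The bit count is a ceiling; when users favour the same eye-catching regions, as the post predicts, the effective space an attacker has to cover is much smaller.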

