Using Graphical Passwords with Two Factor Authentication

Problem

•Human- computer interaction is generally the weakest point of any computer security system

 

• As computers grow in power (Moore’s Law) passwords that were once secure can be more easily cracked

 

•Two combat this, we can use Two factor authentication

 

•To alleviate this frustration, we can use graphical passwords as the second form of authentication

Solution

 

•Build a system that provides end users with a graphical image instead of a one-time code

 

•The image will be a face, as studies have shown people are great at remembering faces

2Face

Results

•Users were able to select the matching image 97% of the time

 

•The average time it took the user to select was 1.86 seconds

 

• For correct answers, it was a little faster with an average of 1.67 seconds

 

•For wrong answers it was a little slower, with an average of 1.93 seconds

 

•Changing the time users got to look at an image had little effect on how correct they were at guessing

Conclusion

• Users were able to quickly identify the faces provided with:

 

•Few errors

•High user satisfaction

 

• The quickly build application shows that graphical passwords provided great user experience for the second factor of 2FA

 

•This could be especially helpful in systems where high user adoption is critical

Future Work

• Overall security of the system

 

•What are the major weakness of the system?

•How easy is it to exploit?

•What are some solutions to combat this?

 

•Faces vs other images

•Are faces the best solution?