Abdrabou, Yasmeen; Shams, Ahmed; Mantawy, Mohamed Omar; Khan, Anam Ahmad; Khamis, Mohamed; Alt, Florian; Abdelrahman, Yomna
Document type:
Konferenzbeitrag / Conference Paper
Title:
GazeMeter: Exploring the Usage of Gaze Behaviour to enhance Password Assessments
Title of conference publication:
ETRA '21 Full Papers: ACM Symposium on Eye Tracking Research and Applications
Conference title:
ACM Symposium on Eye Tracking Research and Applications (2021, Stuttgart)
Venue:
Stuttgart, Germany
Year of conference:
2021
Date of conference beginning:
25.07.2021
Date of conference ending:
27.07.2021
Place of publication:
New York, NY, USA
Publisher:
ACM
Year:
2021
Language:
Englisch
Abstract:
We investigate the use of gaze behaviour as a means to assess password strength. We contribute to the effort of making users choose passwords that are robust against guessing-attacks. While password policies and meters demonstrated the potential to increase password strength, these approaches provide important cues to attackers as well. Eye tracking enables a novel approach: by analysing people‘s gaze behaviour during password creation, its strength can be determined without revealing its properties. To demonstrate the feasibility of this approach, we present a proof of concept study (N=15) in which we let participants enter weak and strong passwords. Our findings reveal that it is possible to estimate password strength from gaze behaviour using Machine Learning techniques. In this way, we enable research on novel interfaces that motivate people to come-up with stronger passwords. «
We investigate the use of gaze behaviour as a means to assess password strength. We contribute to the effort of making users choose passwords that are robust against guessing-attacks. While password policies and meters demonstrated the potential to increase password strength, these approaches provide important cues to attackers as well. Eye tracking enables a novel approach: by analysing people‘s gaze behaviour during password creation, its strength can be determined without revealing its proper... »