User-generated free-form gestures for authentication: Security and memorability

Michael Sherman, Gradeigh Clark, Yulong Yang, Shridatt Sugrim, Arttu Modig, Janne Lindqvist, Antti Oulasvirta, Teemu Roos

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference article in proceedingsScientificvertaisarvioitu

81 Sitaatiot (Scopus)


This paper studies the security and memorability of free-form multitouch gestures for mobile authentication. Towards this end, we collected a dataset with a generate-test-retest paradigm where participants (N=63) generated free-form gestures, repeated them, and were later retested for memory. Half of the participants decided to generate one-finger gestures, and the other half generated multi-finger gestures. Although there has been recent work on template-based gestures, there are yet no metrics to analyze security of either template or free-form gestures. For example, entropy-based metrics used for text-based passwords are not suitable for capturing the security and memorability of free-form gestures. Hence, we modify a recently proposed metric for analyzing information capacity of continuous full-body movements for this purpose. Our metric computed estimated mutual information in repeated sets of gestures. Surprisingly, one-finger gestures had higher average mutual information. Gestures with many hard angles and turns had the highest mutual information. The best-remembered gestures included signatures and simple angular shapes. We also implemented a multitouch recognizer to evaluate the practicality of free-form gestures in a real authentication system and how they perform against shoulder surfing attacks. We discuss strategies for generating secure and memorable free-form gestures. We conclude that free-form gestures present a robust method for mobile authentication.

OtsikkoMobiSys 2014 - Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services
ISBN (painettu)9781450327930
DOI - pysyväislinkit
TilaJulkaistu - 2014
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisussa
TapahtumaInternational Conference on Mobile Systems, Applications, and Services - Bretton Woods, Yhdysvallat
Kesto: 16 kesäk. 201419 kesäk. 2014
Konferenssinumero: 12


ConferenceInternational Conference on Mobile Systems, Applications, and Services
KaupunkiBretton Woods


Sukella tutkimusaiheisiin 'User-generated free-form gestures for authentication: Security and memorability'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä