Cryptography Reference
In-Depth Information
Figure 7.2
Variations on inputting the “tomato” password, from Ian Jermyn, Alain Mayer,
Fabian Monrose, Michael K. Reiter, and Aviel D. Rubin, “The Design and Analysis
of Graphical Passwords,” in
Proceedings of the 8th USENIX Security Symposium
(Berke-
ley: USENIX Association, 1999). Used by permission.
strategies that take advantage of the dual graphical/linguistic nature of
passwords.
Graphical Passwords
A second strategy relies on the
picture effect
, “the substantial improvement
of performance in recall and recognition with pictorial representations of
to-be-remembered material over verbal representations.”
39
The most
accepted explanation for the picture effect is currently provided by
dual-
code theory
, which proposes that knowledge is encoded and processed in
two functionally distinct memory systems—one verbal, for linguistic infor-
mation, one nonverbal, for perceptual information. Dual-code theory
hypothesizes that “pictures automatically engage multiple representations
and associations with other knowledge about the world, thus encouraging
a more elaborate encoding than occurs with words.”
40
The idea behind graphical passwords is simple: the password is a drawing
on a grid (say, 4 × 4), such as can be implemented on the screen of
a smartphone (see figure 7.3). Each cell on the grid is denoted by (
x
,
y
)
