Graphical Passwords with Integrated Trustworthy Interface
TIPPI Workshop, June 19, 2006
Patricia Lareau
VP Product Management
Authentication Design Goals
Consider Security and Usability
Passfaces Corporation ■ 175 Admiral Cochrane Drive ■ Annapolis, Maryland 21401 ■ 1.800.682.0604
Security Requirements
(Diagram axes: Usability, Security)
Randomly assigned
Unique to the application
Robust against known attacks
Simple
Reliable – no fallback needed
Not sharable casually or easily
Lacks social vulnerabilities
Useable anywhere
Two-way AuthN
Usability Requirements
Graphical User Interface
Intuitive to use
No user rules
Independent of user’s aptitude, training or attentiveness
No on-going training
EASY to use
Portable
Fun!
(Diagram axes: Usability, Security)
Successful AuthN is Both or Neither
Design Leverages: Secret, Interface, Protocol
(Diagram axes: Usability, Security)
Passfaces Meets the Challenge
Secure and Usable
The Secret
Based on Cognitive Science
The Brain Deals with Faces Differently than Any Other Image
Face recognition is a dedicated process which is different from general object recognition.
Source: Face Recognition: A Literature Survey. National Institute of Standards and Technology
In the Beginning…
Science has proven that we are genetically predisposed with a unique talent.
We all have the innate ability to easily recognize human faces.
There was a time that recognizing another's face could mean LIFE or DEATH.
Today that need is not so great, but the ability is still there. There is a special place in the brain dedicated to facial recognition and facial recognition only.
Thinking Outside of the Box Approach…
“Let’s Authenticate the Person”
Recall vs. Recognize
You must RECALL a password.
You simply RECOGNIZE a face.
Remember High School… What kind of test did you prefer?
Fill in the Blank or Multiple Choice?
Our approach
Familiarize the user with a randomly selected set of faces, then check whether they can recognize those faces when they see them again.
It’s as easy as recognizing an old friend
Authentication Session
The secret is:
Random
Easy to recognize but difficult to describe/share
No “cribsheets” needed
Always available
Intuitive – independent of user age, language or education
Not socially vulnerable
The Interface
Reinforce the Design Objectives
How Passfaces Works
Users Are Assigned a Set of 5* Passfaces
(Diagram: User Interface, Library of Faces)
* Typical implementation – 3 to 7 possible as standard
How Passfaces Works
5 Passfaces are associated with 40 decoys.
Passfaces are presented in five 3 by 3 matrices, each having 1 Passface and 8 decoys.
New Users are Familiarized with their Passfaces
Users enroll with a 2 to 4 minute familiarization process.
Using instant feedback, encouragement, and simple dialogs, users are trained until they can easily recognize their Passfaces.
The process is optimized and presented like an easy game
Let’s Practice
Click on your Passface. It’s moving. (There is only one on this page.)
Familiarization Puts Cookies in the Brain
Like a mindprint or brain cookie.
But, unlike fingerprints, Passfaces require no special hardware.
And, unlike browser cookies, Passfaces authenticate the actual user.
Authentication Session
The interface…
Graphical
Self-prompting
User cannot choose or reuse
NO burden of recall
3x3 grid
Ergonomic – maps to keypad, phone, pinpad
More entropy than a user-chosen secret
The Protocol
Maximize Defenses – Maximize Usability
Grid set is random per user
Grids need not be secret but must be correct
AUTHENTICATION IS NOT POSSIBLE WITHOUT PRESENTATION OF CORRECT GRIDS
Mutual authentication is implicit – user attentiveness unnecessary
Phishing today is stopped
Phishing tomorrow is hard work
Blacklisting is possible
(Screenshot: Configuration Data – John Doe, sparky123)
Grid Presentation
Multiple grids
Random display within grid
Familiar order of grids for user comfort
Library use: thousands of random sets available
Shoulder-surfing deterrent
Anti-phishing strategies
Mutual AuthN enhanced
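The session structure described on the "How Passfaces Works", "The Protocol" and "Grid Presentation" slides, worked through as an added example. This is not Passfaces code and not the product's protocol; it is a Python model written for this page of the properties the slides state: five 3x3 grids, one Passface plus eight decoys per grid, a grid set fixed at enrollment and random per user, faces shuffled within each grid per session, grids shown in the user's familiar order, and the implicit mutual authentication that follows from "grids need not be secret but must be correct". The face ids (integers), the `Enrollment` record and all function names are assumptions made for the example.

```python
import math
import secrets
from dataclasses import dataclass

# Session structure from the slides: five 3x3 grids, each holding one Passface and eight decoys.
GRIDS = 5
CELLS = 9
DECOYS_PER_GRID = CELLS - 1          # 8 decoys per grid, 40 across the session

_rng = secrets.SystemRandom()        # CSPRNG for enrollment and per-session shuffles


@dataclass
class Enrollment:
    """Server-side record created at enrollment (hypothetical layout, not the product's).
    grids[i] is the fixed set of 9 faces for grid i: passfaces[i] plus its 8 decoys."""
    passfaces: list
    grids: list


def enroll(library):
    """Assign 5 random Passfaces and 40 distinct decoys from a face library and
    partition them into five fixed grids. The grid set is therefore random per user."""
    need = GRIDS * CELLS
    if len(set(library)) < need:
        raise ValueError(f"library must hold at least {need} distinct faces")
    chosen = _rng.sample(list(library), need)
    passfaces = chosen[:GRIDS]
    decoys = chosen[GRIDS:]
    grids = [
        [passfaces[i]] + decoys[i * DECOYS_PER_GRID:(i + 1) * DECOYS_PER_GRID]
        for i in range(GRIDS)
    ]
    return Enrollment(passfaces, grids)


def challenge(enr):
    """One authentication session: grids appear in the user's familiar order, but the
    9 faces inside each grid are shuffled so cell positions change every session
    (the shoulder-surfing deterrent on the slides)."""
    return [_rng.sample(grid, CELLS) for grid in enr.grids]


def verify(enr, shown, selections):
    """Server-side check: one cell index (0..8) per grid; accept only if every selected
    cell holds that grid's Passface. Every grid is evaluated before answering, so a
    wrong pick in an early grid does not shorten the response."""
    if len(shown) != GRIDS or len(selections) != GRIDS:
        return False
    ok = True
    for grid, passface, pick in zip(shown, enr.passfaces, selections):
        ok &= bool(isinstance(pick, int) and 0 <= pick < CELLS and grid[pick] == passface)
    return ok


def grids_are_correct(enr, shown):
    """The check the user performs implicitly while authenticating: each grid must
    contain exactly one of the user's Passfaces. Because the grid set is random per
    user, a site that does not hold this enrollment cannot present grids that pass,
    which is the implicit mutual authentication the slides describe. The grids need
    not be secret for this to hold; they only need to be the correct ones."""
    return len(shown) == GRIDS and all(
        sum(face in enr.passfaces for face in grid) == 1 for grid in shown
    )


def guess_space_bits(grids=GRIDS, cells=CELLS):
    """Size of a single blind guess at the session, in bits: log2(cells ** grids).
    Five grids of nine give about 15.85 bits."""
    return grids * math.log2(cells)


if __name__ == "__main__":
    library = list(range(1000))      # constructed face ids standing in for a library of face images
    enr = enroll(library)
    shown = challenge(enr)
    picks = [grid.index(pf) for grid, pf in zip(shown, enr.passfaces)]
    print("genuine site presents correct grids:", grids_are_correct(enr, shown))
    print("user picks their Passfaces, server accepts:", verify(enr, shown, picks))
    # A look-alike site that holds the public face library but not this user's enrollment
    # can only show grids built from other faces; the user sees no Passface to click.
    outsiders = [f for f in library if not any(f in g for g in enr.grids)]
    fake = [outsiders[i * CELLS:(i + 1) * CELLS] for i in range(GRIDS)]
    print("look-alike site presents correct grids:", grids_are_correct(enr, fake))
    print(f"blind guess space: {guess_space_bits():.2f} bits "
          f"(a 4-digit PIN is {math.log2(10_000):.2f} bits)")
```

The model makes two of the slides' claims concrete. Random display within a fixed grid set means the cell index a user clicks is different every session while the faces themselves never change, so the user's recognition task stays constant. And because `grids_are_correct` depends only on the enrollment, a site without that enrollment fails the user's implicit check without the user having to inspect anything else.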
A New Class of Authentication
Passfaces represents a new, 4th class of authentication:
Cognometrics: Recognition-Based Authentication