UI security topic: UI for private activities

Thomas Pfeiffer colomar at autistici.org
Tue Jan 17 12:09:12 UTC 2012


> for this i happen to agree a lot with him:
> 
> http://www.networkworld.com/news/2011/122211-windows8-authentication-254372.html?hpg1=bn
> 
> 2 problems:
> a) much easier to sneak than someone typing
> b) it leaves a quite clear trace on the touchscreen surface

c) The system that Windows 8 uses is just plain bad, because users tend to favor specific points on pictures, so these passwords are easy to guess anyway ;)

This does not mean that graphical passwords are bad in general. Problems a) and b) are not specific to graphical passwords either. The common denominator of all authentication using a touchscreen is that if you can see the screen, you can see the user entering the password. This is a big disadvantage compared to hardware keyboards with masked password fields, where just seeing the screen gives no information. But you always have that on a touchscreen, no matter what method you use.

The system Windows 8 uses aggravates both of the above problems because users make large, easy-to-see movements on the screen that leave clear traces.
But that's not because it's a graphical system, it's because it is a bad graphical system.

> I think it's an example of cool-looking novelty, but not working in reality

+1. This holds true for this specific system, but not for graphical systems in general.
Take for example Passfaces (see http://www.youtube.com/watch?v=7hcTrqiaTRI ), which has the user pick a series of faces from a selection of them, with randomized positions.
Problem b) is clearly solved with approaches like this.
Problem a) still persists, but you can experiment with the size and position of the faces on the screen to allow users to cover their hand with their other hand in order to avoid their selection being seen.
It's not much different from entering your PIN at an ATM.
That does not mean that Passfaces in particular is perfect; it's just an example that not all graphical password systems have the same shortcomings.

Just because Microsoft has - once again - implemented a good idea in a bad way does not mean we should abandon the original idea.
Or is asking for a password for administrative options a bad thing in general just because MS screwed up so badly when finally trying it in Windows Vista? I don't think so.

Or what about using the camera? Most tablets and smartphones have one, so why not use it for biometric authentication, like iris recognition?
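
The Passfaces-style scheme discussed in this message (pick a series of faces whose positions are randomized for every login), as an added illustration that is not part of the original post and is not Passfaces' own implementation: the server stores which faces the user enrolled, lays the faces out in fresh positions for each login, and translates the touched grid cells back into face IDs through that session's layout before comparing. A fixed-layout mode is included to show why problem b) bites there: the same cells are touched every time, and they map straight back to the secret. Grid size, number of rounds, the face IDs and the user name are constructed assumptions.

```python
"""Passfaces-style login with per-login randomized panels.

Added example, not Passfaces' or any product's own code. Constructed
assumptions: a four-round secret, one 3x3 panel of nine faces per round,
face IDs are small integers, and the "smudge trace" an observer collects
is the sequence of grid cells the user touched.
"""
import hmac
import random
import secrets

ROUNDS = 4   # the secret is one face per round
PANEL = 9    # nine faces per round, shown on a 3x3 grid (cells 0..8)


class FaceServer:
    """Holds enrolled secrets and issues one-shot login challenges."""

    def __init__(self, seed=None, randomize=True):
        # SystemRandom for real use; a seeded Random only for reproducible demos
        self.rng = random.Random(seed) if seed is not None else secrets.SystemRandom()
        self.randomize = randomize      # False models a fixed-layout scheme
        self.enrolled = {}              # user -> tuple of face IDs
        self.sessions = {}              # session id -> (user, layouts)

    def enroll(self, user, faces):
        if len(faces) != ROUNDS:
            raise ValueError("secret must contain one face per round")
        self.enrolled[user] = tuple(faces)

    def new_challenge(self, user):
        """Build this login's panels: layouts[r][cell] is the face shown in that cell."""
        layouts = []
        for r in range(ROUNDS):
            faces = list(range(r * PANEL, (r + 1) * PANEL))  # round r's face set
            if self.randomize:
                self.rng.shuffle(faces)                      # fresh positions per login
            layouts.append(faces)
        sid = secrets.token_hex(8)
        self.sessions[sid] = (user, layouts)
        return sid, layouts

    def verify(self, sid, cells):
        """Map touched cells back through this session's layouts, then compare."""
        session = self.sessions.pop(sid, None)  # each challenge is usable exactly once
        if session is None:
            return False
        user, layouts = session
        if len(cells) != ROUNDS or any(not 0 <= c < PANEL for c in cells):
            return False
        chosen = bytes(layouts[r][c] for r, c in enumerate(cells))
        return hmac.compare_digest(chosen, bytes(self.enrolled[user]))


def tap_secret(secret, layouts):
    """What the legitimate user does: find each secret face and touch its cell."""
    return [layouts[r].index(face) for r, face in enumerate(secret)]


def decode_fixed_trace(cells):
    """With a fixed layout the touched cells alone give away the faces."""
    return tuple(r * PANEL + c for r, c in enumerate(cells))


def smudge_traces(server, user, secret, logins):
    """Distinct cell sequences an observer could collect over many successful logins."""
    traces = set()
    for _ in range(logins):
        sid, layouts = server.new_challenge(user)
        cells = tap_secret(secret, layouts)
        if not server.verify(sid, cells):
            raise RuntimeError("legitimate login must succeed")
        traces.add(tuple(cells))
    return traces


def demo(seed=1, logins=50):
    """Number of distinct traces for a fixed versus a randomized layout."""
    secret = (3, 14, 18, 34)                  # one face from each round's set
    fixed = FaceServer(seed=seed, randomize=False)
    fixed.enroll("alice", secret)
    shuffled = FaceServer(seed=seed, randomize=True)
    shuffled.enroll("alice", secret)
    return (len(smudge_traces(fixed, "alice", secret, logins)),
            len(smudge_traces(shuffled, "alice", secret, logins)))


if __name__ == "__main__":
    fixed_n, random_n = demo()
    print(f"fixed layout: {fixed_n} distinct trace(s); randomized: {random_n} of 50")
```

Run as a script: the fixed layout produces a single trace over all logins, and decode_fixed_trace turns it into the enrolled faces, which is the residue problem b) describes. With randomized panels the cell sequence changes from login to login, and cells are only meaningful together with the one-shot session layout the server discards after verify, so a trace left on the glass does not identify the faces. Problem a) is untouched by this, as the message says: whoever can watch the screen sees both the panel and the tap.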


