The trend toward a highly mobile workforce and the ubiquity of graphical interfaces (such as the stylus and touch-screen) has enabled the emergence of graphical authentications in Personal Digital Assistants (PDAs) . However, most of the current graphical password schemes are vulnerable to shoulder-surfing [2,3], a known risk where an attacker can capture a password by direct observation or by recording the authentication session. Several approaches have been developed to deal with this problem, but they have significant usability drawbacks, usually in the time and effort to log in, making them less suitable for authentication [4, 8]. For example, it is time-consuming for users to log in CHC  and there are complex text memory requirements in scheme proposed by Hong . With respect to the scheme proposed by Weinshall , not only is it intricate to log in, but also the main claim of resisting shoulder-surfing is proven false . In this paper, we introduce a new graphical password scheme which provides a good resistance to shoulder surfing and preserves a desirable usability
To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.