| With the rapid development of the Internet and big data,information security has become more and more important,and password authentication is one of the core tasks of computer security.In recent years,the use of mobile devices has grown tremendously,such as smartphones and tablets.Users can perform many operations on their devices,including social networking,online shopping,and mobile banking,where they can access large amounts of personal data.At the same time,mobile devices are small and easily lost or stolen,so it is necessary to protect sensitive data from unauthorized accesses.Screen lock is the most commonly used strategy to prevent unauthorized access in mobile devices,and Android graphical unlock pattern is an entry mechanism for Android systems.As an alternative to traditional text passwords and PINs,the Android graphical unlock pattern is very popular due to its potential advantages in memory.However,similar to text passwords,Android graphic password authentication still has great security problems.Users often choose weak passwords,and it is very easy for an attacker to guess these weak passwords.Therefore,helping users create strong passwords is still a hot topic in password research.To help users create strong passwords,this paper proposes some methods and,and studies the security and usability of the Android graphical unlock pattern.The main work is summarized as follows:1.According to the existing Android graphical password strength meter measurement methods,we propose a a new user pattern driven Android graphical password strength meter measurement method.This method is not only based on the visual characteristics of passwords,but also combines the statistics of the commonly used special character shapes and tri-grams in the existing large-scale experimental analysis with Markov model as the characteristics of evaluating the strength score of passwords.2.The research in this paper uses an online simulation system to collect user-created passwords by recruiting participants.According to the measurement method of Android graphical password strength meter designed by us,we compare the characteristics of user-created graphical password with and without strength meter groups,and evaluate the effectiveness and security of the strength meter.The research shows that our password strength meter is effective,and can improve the security of the Android graphical unlock pattern.The evaluation method is also relatively strict,and the characteristics of user-created passwords with the help of a strength meter have also changed significantly.3.On the basis of keeping the nine points of the Android graphical unlock pattern unchanged,this paper changes the original 3×3 layout of the Android unlock pattern,and proposes four new arrangement layout patterns.Participants were recruited through experiments to collect graphical passwords created by users in different patterns,and we analyze the security and usability of these four new patterns.The results show that Housel pattern,Circle pattern,and House2 pattern have higher entropy values.Their security is better than the original Android pattern,which has stronger resistance.But Trapezium pattern has the lowest entropy value and weaker resistance.In terms of usability,the original Android pattern still performs best,but the other four new patterns also have some memorability.4.Based on the Android graphical password strength meter measurement method we proposed,we make a few modifications to calculate the strength score of the other four new patterns.It is found that Circle pattern has the highest strength score,and users can better create strong passwords.The main work and contributions of this paper are described above.We conducted a detailed study on the security and usability of the Android graphical password. |
PDF Full Text Request