Paper Info
Title
Reducing shoulder-surfing by using gaze-based password entry
Abstract
Shoulder-surfing -- using direct observation techniques, such as looking over someone's shoulder, to get passwords, PINs and other sensitive personal information -- is a problem that has been difficult to overcome. When a user enters information using a keyboard, mouse, touch screen or any traditional input device, a malicious observer may be able to acquire the user's password credentials. We present EyePassword, a system that mitigates the issues of shoulder surfing via a novel approach to user input. With EyePassword, a user enters sensitive input (password, PIN, etc.) by selecting from an on-screen keyboard using only the orientation of their pupils (i.e. the position of their gaze on screen), making eavesdropping by a malicious observer largely impractical. We present a number of design choices and discuss their effect on usability and security. We conducted user studies to evaluate the speed, accuracy and user acceptance of our approach. Our results demonstrate that gaze-based password entry requires marginal additional time over using a keyboard, error rates are similar to those of using a keyboard and subjects preferred the gaze-based password entry approach over traditional methods.
Year
DOI
Venue
2007
10.1145/1280680.1280683
SOUPS
Keywords
Field
DocType
novel approach,gaze-based password entry,gaze-based password entry approach,malicious observer,user study,user input,sensitive input,on-screen keyboard,user acceptance,password credential,shoulder surfing,input device,error rate,eye tracking
Internet privacy,Eavesdropping,Gaze,Computer science,Computer security,Usability,Eye tracking,Password,Shoulder surfing,Cognitive password,Input device
Conference
Citations 
PageRank 
References 
114
5.68
27
Authors
4
Search Limit
100114
Name
Order
Citations
PageRank
Manu Kumar128414.38
Tal Garfinkel22008171.66
Dan Boneh3212541398.98
Terry Winograd441571148.77