Evaluating attack and defense strategies for smartphone pin shoulder surfing
Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, 2018•dl.acm.org
We evaluate the efficacy of shoulder surfing defenses for PIN-based authentication systems.
We find tilting the device away from the observer, a widely adopted defense strategy,
provides limited protection. We also evaluate a recently proposed defense incorporating an"
invisible pressure component" into PIN entry. Contrary to earlier claims, our results show this
provides little defense against malicious insider attacks. Observations during the study
uncover successful attacker strategies for reconstructing a victim's PIN when faced with a tilt …
We find tilting the device away from the observer, a widely adopted defense strategy,
provides limited protection. We also evaluate a recently proposed defense incorporating an"
invisible pressure component" into PIN entry. Contrary to earlier claims, our results show this
provides little defense against malicious insider attacks. Observations during the study
uncover successful attacker strategies for reconstructing a victim's PIN when faced with a tilt …
We evaluate the efficacy of shoulder surfing defenses for PIN-based authentication systems. We find tilting the device away from the observer, a widely adopted defense strategy, provides limited protection. We also evaluate a recently proposed defense incorporating an "invisible pressure component" into PIN entry. Contrary to earlier claims, our results show this provides little defense against malicious insider attacks. Observations during the study uncover successful attacker strategies for reconstructing a victim's PIN when faced with a tilt defense. Our evaluations identify common misconceptions regarding shoulder surfing defenses, and highlight the need to educate users on how to safeguard their credentials from these attacks.
ACM Digital Library以上显示的是最相近的搜索结果。 查看全部搜索结果