Technical Field
The present invention relates generally to security and, in particular, to picture/gesture password protection.
Description of the Related Art
Picture password, also referred to herein as picture/gesture password, is a process by which users can sign in to their device using a picture and performing touch gestures on the picture (via, e.g., a touchscreen or mouse). Picture password is becoming more popular as a login process due to the prevalence of mobile devices and touch screens. The companies using these picture password technologies claim that gestures are faster and simpler to remember than long alphanumeric passwords. However, these actions/gestures have some vulnerabilities.
People tend to use similar patterns while doing gestures during this process (left to right movements with lines or top/right/bottom/left/top movements with circles as examples). Hackers/attackers can “look over the shoulder” (by proximity, with cameras, and so forth) to copy picture password patterns easily. Pictures could be too simple (not enough contrast) such that picture passwords may not be suitable for a secure process. For example, some photos do not have many points of interests and will cause the user to only have few options for touch patterns.
Thus, there is a need for improved picture/gesture password protection.