005 Computerprogrammierung, Programme, Daten
Refine
Departments, institutes and facilities
Document Type
- Conference Object (8)
- Article (6)
Year of publication
- 2010 (14) (remove)
Has Fulltext
- no (14)
Keywords
- Computing Milieux (1)
- Geo-tagging (1)
- Management (1)
- Mobile devices (1)
- Offshoring (1)
- Password Masking (1)
- Password Visualization (1)
- Passwords (1)
- Repositories (1)
- SME (1)
Publikation von Umweltdaten
(2010)
When entering a password (or other secrets) the typed input is most commonly masked, i.e. the characters are hidden behind bullets or asterisks. This, however, complicates the input and highly decreases the user's confident causing several issues such as login failure attempts. On the other hand, password masking is an important security requirement for a lot of applications and contexts to prevent a third person to read the password. Thus, simply dropping password masking is not feasible in general. A common solution provides the user with the choice of toggling password masking on and off, but due to distinct defaults (in dependency of the application and context) this is rather complex and confusing. Enhanced password visualization technologies beyond the simple masking of passwords can provide more sophisticated solutions from both a usability and security perspective. In this paper, available password visualization technologies are presented and discussed. Furthermore a novel password visualization approach is introduced, the TransparentMask, which provides unique properties in comparison to the existing schemes. Amongst these are the ability to detect mistakes while typing and being able to localize and correct the typo within a certain range. Finally, a security analysis of the TransparentMask shows that the protection level given by a certain password length is slightly decreased in comparison to the fully masked approach.