SANA MAQSOOD | HCI RESEARCHER AND PRACTITIONER
  • About
  • Portfolio
    • The JOs
    • Teacher research
    • eAccount system
    • Bend Passwords
    • Cybersecurity mini-games
    • Interactive comic
    • Interactive data visualization
    • Exploratory games
  • Talks and articles
  • Teaching
  • Service
  • Contact

Bend Passwords - novel authentication scheme

Bend Passwords is a novel authentication scheme, which allows users to create passwords on flexible displays, by performing a sequences of bend gestures on the display. ​The password space of Bend passwords is comparable to 6-digit PINs, and offers sufficient complexity with a set of 20 gestures. 

Prototypes

After designing the scheme, I built a physical flexible display prototype using bend sensors, Arduino, Processing, and a flexible PVC, and implemented the scheme on the prototype. I also created a control condition of PINs to compare the usability and security of Bend Passwords. Through threat modeling, I identified two common threats on this novel system: shoulder-surfing and password guessability. ​
Related publications
  1. Sana Maqsood, Sonia Chiasson, Audrey Girouard. Bend Passwords: Using Gestures to Authenticate on Flexible Devices. Personal and Ubiquitous Computing, Springer, 2016.
  2. Sana Maqsood. Shoulder Surfing Susceptibility of Bend Passwords. In SIGCHI Conference on Human factors in Computing Systems (CHI), pages 915-920, 2014.
  3. ​Sana Maqsood, Sonia Chiasson, and Audrey Girouard. Passwords on flexible display devices. In SIGSAC Conference on Computer and Communications Security, pages 1469-1472, 2013.

User studies

To evaluate the usability and security of the novel system, I planned and conducted three user studies with 54 users, comparing the usability and security of Bend Passwords with PINs.  The first compared Bend Passwords with PINs, and found that while users took more time to enter Bend Passwords, they were as memorable as PINs.

​To mitigate threats posed by user chosen passwords, I designed system-assigned Bend passwords and conducted a user study to evaluate their usability and security. The last study explored the threat of shoulder-surfing, with the researcher playing the role of the victim and participants as attackers.
Picture
Methodology for the shoulder-surfing user study

Analysis

Data on the usability and security of the new system was collected using questionnaires, semi-structured post-test interviews, and instrumented prototypes. 

Statistical analysis in SPSS compared the usability and security of the two schemes. Graphs were created of Likert-scale data to visualize user perceptions of the two schemes.
Powered by Create your own unique website with customizable templates.
  • About
  • Portfolio
    • The JOs
    • Teacher research
    • eAccount system
    • Bend Passwords
    • Cybersecurity mini-games
    • Interactive comic
    • Interactive data visualization
    • Exploratory games
  • Talks and articles
  • Teaching
  • Service
  • Contact